Technology Lead

Role and Responsibilities: 

• Act as a primary liaison between technical teams and business stakeholders, facilitating expert advice on vulnerability remediation strategies and best practices. 

• Ensure strict adherence to security standards and advocate for the seamless integration of security measures into the Software Development Life Cycle (SDLC). 

• Develop and nurture collaborative relationships with business and development teams to align security objectives with business priorities, ensuring mutual benefit and effective prioritization. 

• Assess risks identified in vulnerability assessment results and other security-related data, prioritizing remediations in alignment with business objectives. 

• Partner with application teams to devise strategies for mitigating identified security gaps, assisting in the planning and prioritization of security remediation efforts and control implementations. 

• Provide technical guidance and support to application teams in implementing security controls, advocating for security-by-design principles, and integrating security scanning into the application build process. 

• Collaborate closely with stakeholders to ensure the completeness and accuracy of information security exception requests, aligning them with predetermined criteria and established risk tolerance levels. 

• Regularly communicate with management and stakeholders, presenting detailed reports and updates on vulnerabilities, ongoing remediation efforts, and the status and trends of exception requests 

• Conduct ongoing security research to stay abreast of current security challenges, identifying new opportunities for security integration and automation to enhance overall security posture. 

• Provide training and awareness on vulnerability risk management practices to technical teams and business stakeholders.  

Requirements: 

• Bachelor’s degree in computer science, Information Security, or a related field. Good to have advanced degree or relevant certifications (e.g., CISSP, CISM). 

• Minimum 8 years of demonstrated expertise in application security, coupled with proficiency in development. 

• Strong understanding of cloud and application security concepts, vulnerabilities, and attack vectors. 

• Robust Information Security technical skills and knowledge to identify, research, and understand security control gaps and program compliance issues. 

• Exceptional ability to communicate security concepts, threats, controls, and mitigation/remediation strategies to diverse audiences, including those unfamiliar with such topics. 

• Proven track record in information security vulnerability assessment, remediation, and security governance. 

• Familiarity with Security Policies, Procedures, Audit, and Compliance requirements. 

• Expert understanding of code syntax and semantics of at least one object-oriented programming language. 

• Possess an analytical mindset with the ability to prioritize and assess risks related to vulnerabilities and exception requests. 

• Proven ability to work independently, prioritize tasks, and manage multiple projects simultaneously in a fast-paced environment, ensuring timely and efficient completion of objectives.  

Soft Skills: 

• Excellent communication and interpersonal skills, adept at articulating technical concepts to non-technical stakeholders. 

• Capable of effectively collaborating with cross-functional teams and building consensus is essential. 

• Commitment to continuous learning and staying updated on industry developments and emerging technologies. .