General Information
Description
Job Title: AVP – Application Security
Department: Information Security
About Business line/Function: The Information Security and BCM team is responsible for performing security assessments of all new and existing infrastructure and application projects. It is also responsible for assessing the business continuity requirements of each team and project based on criticality, and for streamlining the process to meet those requirements.
Position Purpose: The purpose of this position is to lead a high‑performing, multidisciplinary security team and shape the future of secure software delivery across the organization. Drive tangible impact through measurable security outcomes, automation, and innovation.
Responsibilities
Direct Responsibilities
- Lead and manage the Application Security team, ensuring smooth delivery of security assessments (DAST/ASCR/SAST/DevSecOps projects), reviews and daily operations
- Direct and mentor a team of Application Security Engineers, Analysts, and Automation Specialists, fostering a culture of continuous learning and excellence
- Provide expert guidance on cybersecurity principles, secure SDLC practices and emerging application security threats and remediation techniques
- Support and coordinate with the internal team and stakeholders on application security audits
- Develop and present management reports, dashboards and security metrics to leadership
- Drive automation initiatives to improve efficiency of AppSec processes and reduce manual efforts
- Define and enforce clear KPIs (e.g., mean‑time‑to‑remediate, test coverage, false‑positive rate) and OKRs aligned with business objectives
- Own the application security governance framework – continuously align security policies, standards, and controls with PCI‑DSS, GDPR, ISO 27001, NIST CSF, and industry‑specific regulations
- Lead periodic compliance audits and risk assessments, delivering evidence‑based remediation plans and tracking closure
- Act as the primary liaison between the AppSec team, application development/production teams, risk officers, and external auditors
- Monitor and evaluate team deliverables, providing regular feedback, coaching, and career‑development plans
- Conduct resource planning, ensuring appropriate skill‑mix and capacity to meet evolving security demands
Technical & Behavioral Competencies
- Strong knowledge of application security frameworks and standards (OWASP Top 10, NIST, SANS, ISO and relevant regulatory requirements)
- Strong understanding of OWASP Top 10, SAST/DAST/SCA, API security, secure coding practices, threat modeling, vulnerability management, cryptography techniques, authentication techniques (SSO, SAML, MFA/2FA, etc.), secure SDLC
- Serve as the subject‑matter expert on secure SDLC, threat modeling, secure coding standards, and emerging attack vectors (e.g., supply‑chain, container, serverless)
- Experience supporting AppSec audits and implementing corrective actions
- Develop custom scripts, APIs, and machine‑learning models to reduce manual triage, improve detection accuracy, and accelerate remediation cycles
- Experience scripting in Python, PowerShell, or Bash and building RESTful integrations with security platforms
- Familiarity with risk assessment methodologies, policy governance and security controls monitoring
- Exposure to tools such as Burp Suite, AppSpider, Qualys, Fortify, and dependency scanning tools
- Accountable for the delivery of AppSec security controls and producing relevant KPI dashboards per the defined standards.
- Ability to lead, mentor and motivate a team, foster a high-performance culture
- Strong judgement to prioritize risks, solve problems and make timely decisions
- Strong communication skills, team management and leadership abilities
- Excellent interpersonal and influencing skills – able to drive security adoption across diverse technical and business audiences
- Ability to translate complex technical findings into clear, actionable recommendations for senior leadership
- Experience building metrics‑driven security programs that show measurable improvement over time
Specific Qualifications:
Any technical certification (CEH/ISO27001/CISM/CISA/CISSP) will be a value addition
Skills Referential (Required knowledge, skills and abilities)
Technical Skills:
- AppSec assessments (SAST/DAST/ASCR/DevSecOps/API Security)
- Vulnerability management and Remediation techniques
- Governance framework and Reporting
- KPI and automation
Behavioral Skills:
- Ability to collaborate / Teamwork
- Ability to deliver / Results driven
- Communication skills (oral and written)
Education Level: Bachelor's degree or equivalent
Location: Bangalore
About BNP Paribas Group:
BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialized businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability.
About BNP Paribas India Solutions:
Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, the European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees to provide support and develop best-in-class solutions.
Commitment to Diversity and Inclusion
At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.