Secure Coding Specialist - Application Security

Bangalore, Karnataka
Permanent
Full-time

2 days ago

Job Description:Description:Airbus is on its Digital journey and the objective is to transform the company and to prepare it for the future. This transformation includes new global governance, new ways of working and the implementation of digital business services and platforms. As a part of this transformation journey we have set up a GIC in the silicon valley of India - Bangalore. This state of the art GIC is responsible for driving excellence in IT and OT for Airbus.Challenges are numerous and exciting.!What is the Airbus Application Security team doing?Security for Applications is designed to strengthen Airbus applications against evolving threats, reduce vulnerabilities and de-risk them by applying all the necessary security controls. Your role as a Secure Coding Specialist is to work towards promoting and ensuring the implementation of secure coding best practices in the context of the Application Security / SecDevOps (Secure Development and Operations of Software Applications) by detecting, analyzing and remediating vulnerabilities and misconfigurations in application code. Your role is key as you contribute to the overall performance and success of Airbus Digital Security Posture.Qualification & Experience:We seek out curious minds! We value attention to detail! And we care deeply about outcomes!We’re looking for passionate people, who are eager to learn, willing to share, and establishing innovative ways of working and influencing cultural changesBachelor or masters in Computer Science, Engineering, or related field would be preferred4 to 8+ years of relevant experience as Application Security / Secure Coding SpecialistProficiency in at least one major programming language: Java, C#, Python, JavaScript, Go etc.Strong understanding and knowledge of Application Secrets Management (Detect & Remediate)In-depth knowledge of common application security vulnerabilities: OWASP Top 10, SANS Top 25 and their mitigation controls & strategiesWorking experience with SAST (Static Application Security Testing) tools such as: CheckmarxOne and SCA (Software Composition Analysis)Knowledge in setting up & operating Cloud infrastructure using IaC; familiarities with containers and security automation in CI/CD pipelinesGood understanding of monolithic & microservices application architecture and knowledge of common web application frameworksGood to have relevant industry certifications: CSSLP, CISSP, OSCP, CompTIA Security+ etc.Proven ability to prioritise workload, meet deadlines, and utilise time effectivelyA team player with excellent interpersonal, communication and negotiation skillsKnowledge of Agile frameworks: SAFe, Scrum, Kanban is an added advantageResponsibilitiesAs a Secure Coding Specialist with our Application Security team, you will work on the following activities:Governance & ProcessContribute towards development, continuous enhancement and enforcement of secure coding standards, guidelines, and policiesSetup effective processes and procedures for secure code reviews and remediations of identified vulnerabilitiesRaise awareness on secure coding best practices among developers & application owners across organizationCode Scanning & ReviewOnboarding of Airbus Critical applications into Airbus DevOps CI/CD to ensure automated code scanning and be able to conduct manual code reviews when requiredBe able to conduct code reviews in context of SAST, SCA, IaC, Artifactory for web & mobile appsIdentify security vulnerabilities, design flaws, and insecure coding practices through the reviewAnalyze the identified vulnerabilities for true positive and false positives, accordingly propose remediations to the development teams (fine-tuning tool’s detection capabilities in case of FP)Provide recommendations, support and guidance to the developers to prioritize remediationsCollaboration and Documentation:Connect & collaborate with Application Security Product Manager/Owners to ensure alignment of strategies & roadmapWork closely with other Security & IT teams across organization: Security architects, Application developers, DevOps engineers and Business stakeholdersProvide technical support in the areas of application vulnerability, risk assessment, and security control implementation and always produce detailed and effective documentationsContinuous Learning and Development:Participate in Security threat and monitoring forums to learn and keep abreast of the latest security trends, threats, and vulnerabilities, continually building knowledge in the cyber threat landscapes and good practicesParticipate in workshops, training, certifications & security conferences to enhance skills in Cyber SecurityBenefitsYou will be part of a truly international teamTravel opportunities (domestic and international)Competitive remuneration, bonus and incentivesGood work / life balance and career growth opportunitiesTraining and development opportunities (online, classroom, conferences)Comprehensive benefits package (complementary health and life insurance)Success MetricsSuccess will be measured in a variety of areas, including but not limited toConsistently ensure the on-time delivery and quality (first-time-right) of the projectsBring innovative cost effective solutionsAchieve customer satisfactionThis job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.Company: Airbus India Private LimitedEmployment Type: PermanentExperience Level: ProfessionalJob Family: Cyber Security
JF-CG-STBy submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to .At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.

Airbus

Apply Now