Manager- Application Security

About SirionLabs:

SirionLabs is a leading SaaS company focused on developing leading edge AI-led solutions for the legal and contract management space. Our product is trusted by Fortune 500s and major global enterprises such as Schneider, Morgan Stanley, Qantas, Unilever, IBM, Vodafone, Alstom, and Novartis, to create, negotiate, and manage +5 million contracts worth more than US$300bn across 100+ countries around the world. As a result, SirionLabs has been recognized by major industry analyst groups such as Gartner, Forrester, Spend Matters, and IDC as a leader in the contract lifecycle management (CLM) domain.

SirionLabs recently closed a US$85 million Series D funding round, which was led by Partners Group, a leading global private markets firm, along with existing investors Avatar Growth Capital, Sequoia Capital India and Tiger Global. This fresh capital infusion will help us fuel AI R&D and expand our global footprint even further.

With over 700 people working across 10+ offices in North America, Europe, and India, SirionLabs is constantly growing and expanding its global footprint

Requirements

Job Role: Manager- Application Security

Experience: 10-16 years

Location: Gurgaon

Responsibilities:

• Lead the Application Security Program for SirionLabs and ensure Secure SDLC

• Experienced in application security testing (source code review and application penetration tests) – web, mobile, API’s, Plugin’s

• Experienced in performing Threat Modeling using STRIDE and other models

• Experienced in identifying and resolving open-source software compliance risks (CopyLeft)

• Experience with Secure Development and Testing processes and detection.

• Experience in automating security testing and remediation through scripting using languages like Bash, Python and VBScript.

• Knowledge of secure coding concepts

• Good knowledge of OWASP and current and emerging threats

• Knowledge of SANS TOP 25 Most Dangerous Software Errors

• Good experience in Security testing tools like Burp Suite/Acunetix/Metasploit/Kali.

• Understanding of Security testing techniques.

• Working knowledge of Server-side Security requirements.

• Understands Security testing requirements and testing strategy.

• Knowledge on capturing and diagnosing logs for application errors.

• Good understanding of the entire project life cycle, QA methodologies and processes

• Experience with web application firewall, encryption, networking, web services

• Experienced in Agile and/or Kanban methodologies;

Experienced with JIRA tool for work assignments and logging defects

• Create detailed, comprehensive and well-structured Security test plans and Security test cases

• Estimate, prioritize, plan, and coordinate testing activities

• Strong, effective interpersonal and communications skills; able to interact professionally with customers and team members.

• Security certifications such as OSCP, CEH.

Organizational skills:

• Ability to multi-task effectively and work under pressure
• Relationship and trust-based information security program (not authority-based)
• Self-driven and initiator
• Task finisher

SirionLabs is an Equal Opportunity Employer

We value diversity in our workforce, we are an equal opportunity employer and do not discriminate based on race, colour, gender, religion, national origin, ancestry, age, disability, medical condition, genetic information, military & veteran status, marital status, pregnancy, gender identity, sexual orientation, or any other characteristics protected by local laws, regulations, and ordinance.

We also make reasonable accommodations for disabled employees and applicants as required by law.

We follow these principles in all areas of employment including recruitment, training, promotions, compensation, benefits, transfer, and social and recreational programs