SOFTWARE SECURITY TEAM LEADER (8–13 YEARS) @ KRM SYSTEM
The organization is actively seeking a highly experienced Software Security Team Leader to be based in Pune, Maharashtra, India. This role requires 8–13 years of professional experience, specifically focusing on software security within the financial technology sector, where mandatory domain experience in Cards and Payments is essential. The Team Leader will drive the security strategy for application development, ensuring all software conforms to the highest security standards throughout the development lifecycle.
Key responsibilities include defining and implementing security best practices based on frameworks like NIST SSDF. The candidate will be responsible for conducting thorough threat modeling using methodologies such as STRIDE, and verifying application security compliance against standards like OWASP Top 10 and OWASP ASVS. Furthermore, the role involves integrating and managing a suite of application security testing tools, including SAST, SCA, DAST, and container scanning, directly into CI/CD pipelines. Technical proficiency in Java and Spring is required, while secondary skills related to securing cloud infrastructure, specifically AWS and Kubernetes security, are highly desirable for success in this demanding leadership position.
Key responsibilities include defining and implementing security best practices based on frameworks like NIST SSDF. The candidate will be responsible for conducting thorough threat modeling using methodologies such as STRIDE, and verifying application security compliance against standards like OWASP Top 10 and OWASP ASVS. Furthermore, the role involves integrating and managing a suite of application security testing tools, including SAST, SCA, DAST, and container scanning, directly into CI/CD pipelines. Technical proficiency in Java and Spring is required, while secondary skills related to securing cloud infrastructure, specifically AWS and Kubernetes security, are highly desirable for success in this demanding leadership position.
Key Requirements
8–13 years of professional experience in software security.
Mandatory domain experience in Cards / Payments systems.
Expert knowledge and implementation experience with NIST SSDF.
Deep understanding and practical application of OWASP Top 10 and OWASP ASVS.
Proficiency in threat modeling methodologies, specifically STRIDE.
Hands-on experience with AppSec tools (SAST, SCA, DAST, container scanning).
Proven ability to integrate security testing into CI/CD pipelines.
Strong development background in Java and Spring frameworks.
Experience securing cloud environments, particularly AWS security.
Familiarity with Kubernetes security best practices.