Test Manager-Application Security

Responsibilities

• Conduct penetration testing for web, mobile, and API applications.
• Perform secure code reviews, software composition analysis, and container image assurance to identify vulnerabilities early in the SDLC.
• Perform vulnerability assessments for applications, middleware, and supporting systems.
• Utilise industry-standard tools such as Burp Suite, OWASP ZAP, Fortify, Checkmarx, Black Duck, Nessus, Aqua and Qualys.
• Triage, validate, and prioritise security findings from security assessments.
• Work with development, DevOps, and infrastructure teams to ensure timely remediation.
• Track and report remediation progress, ensuring closure within timelines required by regulatory instruments and Technology Security Standards.
• Provide guidance to developers and project teams on secure coding practices.
• Embed application security controls and tools (SAST, DAST, SCA, IAST) into CI/CD pipelines.