Program Manager - Vulnerability Management

 Bangalore, India       Permanent contract        Information Technology


  • Develop framework to reduce trending application vulnerabilities and also prevent reoccurrence of vulnerabilities
  • Analyze root cause, find trends, dependencies, perform risk management and documentation to describe possible ways of remediation
  • Participate in pentest debriefing meeting and moderate the discussions as per business risk and context to measure the impact of the vulnerability
  • Integrate business data in the vulnerability risk rating framework in order to properly assess the criticality of vulnerabilities
  • Automate the framework, implement & test regularly in past and new vulnerabilities and improvise on regular basis

Profile Required

  • Overall 10-12 years of work experience in application development, architecting and security testing
  • 3-4 years of web application development experience and have worked as application lead for web and internet facing applications
  • Hands experience of 4-6 years in application security testing SAST, DAST and secure development practices
  • Good exposure in containerization on public/ private cloud and security in cloud native applications
  • Certifications such as CEH, CISSP, OSCP or CSSLP or similar industry standard
  • Bachelor / master’s degree or Engineer
  • Python (Django), React JS experience and Knowledge of Windows Server, IIS, MSSQL for the back-end.
  • Knowledge of vulnerability detection, mitigation and management of Application is mandatory.
  • Extensive knowledge on secure code development topics, OWASP Top 10, SANS top 25, OWASP Application Security Verification Standard (ASVS 4.0), CVSS scoring methodology and industry application security practices
  • Good knowledge on infrastructure security (encryption / database / operating system and latest private, public cloud vulnerabilities)
  • Risk based approach towards vulnerability management
  • Good reporting and presentation skills – MS Excel, MS PowerPoint
  • Good knowledge of business & process (application criticality / BIA / other business process such as RCSA / Control

Why Join Us

We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Business Insight

Société Générale Global Solution Centre (SG GSC), a 100% owned subsidiary of European banking major Société Générale (SG). Our role and purpose is to enable the strategic vision of Société Générale Group. We are doing this by pioneering cutting edge innovation from Design Thinking to Smart Automation & Artificial Intelligence and applying it to banking. SG Global Solution Centre provides services in the areas of Application Development and Maintenance, Infrastructure Management, Business Process Management, and Knowledge Process Management to Société Générale’s business lines around the world.

We are an equal opportunities employer and we are proud to make diversity a strength for our company. Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, sexual or gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination.

Job code: 20000GMC
Business unit: SG Global Solution Centre
Starting date: Immediate
Date of publication: 14/10/2020
Share on

Program Manager - Vulnerability Management

Permanent contract   |   Bangalore   |   Information Technology