Application Security Team Leader

About Team

We are Quadcode, a fintech company excelling in financial brokerage activities and delivering advanced financial products to our global clientele. Our flagship product, an internal trading platform, is offered as a Software-as-a-Service (SaaS) solution to other brokers.

Now we are looking for Application Security Team Leader in the Application Security team, which provides services to ensure the security of in-house developed software, including threat analysis, architectural review, automated scanning, and manual checking.

The team consists of 2 professionals: Application Security Analyst, and a Chief of IS.

Working with Agile, Scrum (1–2-week sprints, grooming, planning, retrospective), and SAFe framework. Furthermore, we are using Google meet, Slack, TargetProcess, Wiki, Confluence for teamwork. We operate according to the EET time zone.

As a Team Leader, you will play a key role in our team's growth by fostering customer trust through secure solutions, mitigating the risk of data breaches, minimizing downtime risk, and ensuring compliance with stakeholder requirements.

First 3 tasks in the role

• Create current situation analysis;
• Create a future state of application security vision and gap analysis;
• Create a roadmap to address gaps found.
  
  

Key responsibility

• Elaborate, Manage, and Deliver Application Security Roadmap;
• Manage a team of application security analysts;
• Ensure security is integrated at every stage of SDLC;
• Guide secure coding practices;
• Collaborate with product, architecture, development, and operations teams for the effective implementation of security measures;
• Manage integration with AppSec tools;
• Manage Bug Bounty Program;
• Assist in the evolution of application security functions;
• Take leadership of bug intake and remediation process;
• Discover security vulnerabilities and apply mitigation strategies.
  
  

Requirements

• Bachelor's degree in computer science, cybersecurity, or a related field;
• 5-7 years of experience in application security or related field;
• Experience leading a team for at least one year;
• Sound working knowledge in application security testing, secure coding principles, threat modeling, and a deep understanding of security protocols and techniques;
• Proven track record of handling complex security issues;
• Proficiency in security testing tools and understanding of secure coding practices;
• Knowledge of various security frameworks and compliance standards.
• Competent written and verbal communication skills (English B2, Russian B2+).