We never ask for payment as part of our selection process, and we always contact candidates via our corporate accounts and platforms. If you are approached for payment, this is likely to be fraudulent. Please check to see whether the role you are interested in is posted here, on our website.

About TMF Group

TMF Group is a leading global provider of high-value business services to clients operating and investing globally. We focus on providing specialized and business-critical financial and administrative services that enable our clients to operate their corporate structures, finance vehicles and investment funds in different geographical locations.

TMF India is a Great Place to Work, ISO & ISAE certified organization.

About the Role – Application Security Lead 

The Application Security Lead is responsible for ensuring the integrity and security of the organization's software applications by identifying, assessing, and mitigating vulnerabilities. This role involves leading efforts to implement robust security measures throughout the software development lifecycle to protect against cyber threats and data breaches.

Key Responsibilities:

• Conducting regular assessments and penetration tests on software applications.
• Identifying and prioritizing security vulnerabilities based on risk assessment.
• Collaborating with development teams to integrate security best practices into the software development process.
• Leading efforts to remediate identified vulnerabilities through secure coding practices and software patching.
• Developing and implementing application security policies, procedures, and standards.
• Providing guidance and training to developers on secure coding practices and application security principles.
• Managing relationships with third-party security vendors for specialized testing and assessment services.
• Participating in incident response activities related to application security incidents.

Key Requirements:

• Bachelor’s degree in computer science, Information Security, or a related field.
• 5+ years of experience in application security, vulnerability management, or related roles.
• Proficiency in security testing tools and techniques, including static analysis, dynamic analysis, and penetration testing.
• Strong understanding of common security vulnerabilities such as those outlined in the OWASP Top 10.
• Experience with secure coding practices, code review processes, and application security architecture.
• Knowledge of regulatory requirements and compliance standards related to application security (e.g., PCI DSS, GDPR).
• Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.
• Strong analytical and problem-solving skills, with the ability to prioritize and manage multiple tasks simultaneously

Key Knowledge and Experience:

• Security testing methodologies and tools (e.g., Burp Suite, Nessus, Qualys).
• Secure coding principles and practices (e.g., OWASP Secure Coding Practices).
• Application security frameworks and standards (e.g., OWASP ASVS, BSIMM).
• Regulatory requirements and compliance standards relevant to application security.
• Incident response and handling procedures related to application security incidents.
• Software development lifecycle methodologies (e.g., Agile, DevOps).

Years of Experience:

5+ years in application security roles, with progressively increasing responsibilities.

By effectively managing these critical programs, you will contribute to the organization’s overall success, ensuring data confidentiality, availability, and compliance

What's in it for you?

Pathways for career development

• Work with colleagues and clients around the world on interesting and challenging work.
• We provide internal career opportunities, so you can take your career further within TMF.
• Continuous development is supported through global learning opportunities from the TMF Business Academy. 

Making an impact

• You’ll be helping us to make the world a simpler place to do business for our clients.
• Through our corporate social responsibility program, you’ll also be making a difference in the communities where we work. 

A supportive environment

• Strong feedback culture to help build an engaging workplace.
• Our inclusive work environment allows you to work from our offices around the world, as well as from home, helping you find the right work-life balance to perform at your best.

Other Benefits

• Marriage Gift policy
• Paternity & Adoption leaves
• Interest free loan policy
• Salary advance policy
• Covid support taskforce
• Well being initiatives