{"id":"03ab8fdd-ba46-4ffa-ae7a-d0036a64b79a","company":{"id":"c0139b85-e913-4283-88d6-e996a9ee79ed","company_stack":[],"company_gallery":[],"company_stats":[],"company_about_section":null,"company_benefit_section":[],"company_testimonial_section":[],"company_culture_section":[],"onboarding_process":null,"ticker_logos":[],"gtn_companies":[],"role_category":[],"cta_color":"#333333","name":"BNP Paribas","short_name":"CMP2170","slug":"bnp-paribas","description":null,"short_description":null,"about_us":null,"video_link":null,"logo_url":"https://talent500-public-prod-cb.s3.ap-south-1.amazonaws.com/company_logos/New_logoWhite_f3828439e996457db7531ecf9769a3ab.png","job_logo":null,"job_logo_url":"https://talent500-public-prod-cb.s3.ap-south-1.amazonaws.com/company_job_logos/T500_nogoTz6_a4600b31ac8d42be8fc807e2392f2e0d.png","show_powered_by_talent500_logo":false,"website":null,"redirect_logo_url":"https://talent500.com//joblist/?search_term=BNP Paribas","linkedIn":null,"facebook":null,"twitter":null,"instagram":null,"hero_type":"1","nav_bar_color":null,"nav_items_color":"#FFFFFF","gallery_heading":"Gallery","company_image_url":"","meta_title":null,"meta_description":null,"hero_h1":null,"hero_h2":null,"primary_color":"#FF9900","secondary_color":"#333333","cta_text":null,"jobs_subtitle":null,"mission":null,"stack_section_title":null,"stack_section_description":null,"powered_by_logo_url":"https://d36dj8u11ystvj.cloudfront.net/Talent500_PoweredBy+(1).png","cta_bg_color":"#FFFFFF","cta_text_color":"#FFA000","cta_border_color":"#FFFFFF","h1_font_size":null,"h2_font_size":null,"h3_font_size":null,"h4_font_size":null,"body_size_1":null,"body_size_2":null,"h1_font_w":null,"h2_font_w":null,"h3_font_w":null,"h4_font_w":null,"body_w_1":null,"body_w_2":null,"public_name":null,"use_public_name":false,"unique_id":"aaf44117-6b93-4ab3-be1e-ae7ef3fa8715","head_favicon_url":"","head_title":null,"privacy_policy_name":"Privacy Policy","privacy_policy_url":null,"mandate_privacy_policy":null,"ticker_title":null,"publish":false,"company_font_family":"5","use_company_font_on_jobs_page":true,"gallery_section_name":null,"about_section_name":null,"testimonial_section_name":null,"benefits_section_name":null,"culture_section_name":null,"jobs_section_name":null,"is_job_displayable":true,"is_onboarding_skip":false,"company_specific_workflow":0,"third_party_company":true,"is_vendor_third_party_company":true,"priority_order":0,"order_of_about_role":1,"order_of_about_company":2,"whatsapp_company_logo":null,"whatsapp_company_logo_url":"","whatsapp_job_bg_color":null,"whatsapp_job_text_color":null,"engagement_type":null,"font_family":5},"location":"Bengaluru","primary_skills":["data in transit and data at rest encryption","TLS (certificates, cipher suites such as RSA and Diffie Hellman)","middleware message queues","secure file transfers","database encryption","access control concepts","onboarding","automated provisioning/reconciliation","privileged access management tools (e.g., SailPoint, CyberArk)","strong authentication mechanisms such as SSO, SAML, 2FA/MFA, Arcot, RSA","application security testing processes (DAST, SAST, SCA, penetration testing, VAPT)","payment specific applications (e.g., SWIFT messages)","encryption of payment flows","mutual authentication","end to end encryption","team management","preparation of management-level reports","interaction with higher ups in management steering committee meetings","handling cross-functional meetings","knowledge transfer sessions","hands on shadowing","IT infrastructure & Network and Application (Web, Client-Server, Payment Systems) security reviews","consultation and recommendations on application security controls","application security framework and standards (OWASP TOP 10, NIST, SANS, ISO and relevant regulatory requirements)","OWASP top 10","SAST/DAST/SCA","API security","secure coding practices","threat modeling","vulnerability management","cryptography techniques","authentication techniques (SSO, SAML, MFA/2FA)","secure SDLC","communication skills","application security controls (Access control mechanisms and Data Security)","IT audit background","IT security (defense in depth)","AppSec assessments (Application security compliance review / API Security)","Vulnerability management and Remediation techniques","Governance framework and Reporting","Ability to collaborate / Teamwork","Ability to deliver / Results driven","Communication skills Oral & Written"],"secondary_skills":[],"experience_range":"","job_qualifications":["Bachelor degree or equivalent"],"screening_questions":[],"title":"Application Security Manager","description":"<p>\n <strong>\n  Position Purpose:\n </strong>\n The purpose of this position is to lead a high?performing, multidisciplinary security team and shape the future of secure software delivery across the organization. Drive tangible impact through measurable security outcomes, automation, and innovation.\n</p>\n<p>\n</p>\n<p>\n <strong>\n  Responsibilities\n </strong>\n</p>\n<p>\n <u>\n  Direct Responsibilities\n </u>\n</p>\n<ul>\n <li>\n  Review and interpret various application classifications and their architectures (e.g., web apps, APIs, infrastructure, server side, mainframe, WebSphere).\n </li>\n <li>\n  Demonstrate solid knowledge of data in transit and data at rest encryption, TLS (certificates, cipher suites such as RSA and Diffie Hellman), middleware message queues, secure file transfers, and database encryption.\n </li>\n <li>\n  Good Understanding of access control concepts, including onboarding, automated provisioning/reconciliation, and privileged access management tools (e.g., SailPoint, CyberArk).\n </li>\n <li>\n  Good Understanding of authentication best practices and familiarity with strong authentication mechanisms such as SSO, SAML, 2FA/MFA, Arcot, RSA, etc.\n </li>\n <li>\n  Possess a clear grasp of application security testing processes (DAST, SAST, SCA, penetration testing, VAPT) and the end-to-end workflow, even if hands on scanning experience is not required.\n </li>\n <li>\n  Good Understanding of payment specific applications (e.g., SWIFT messages), associated encryption of payment flows, mutual authentication, and end to end encryption.\n </li>\n <li>\n  Work closely with application/asset owners and technical teams to conduct security compliance reviews, gather functional information, and implement appropriate security controls with documented evidence.\n </li>\n <li>\n  Produce concise findings reports and discuss results with relevant Application owners &amp; Stakeholders.\n </li>\n <li>\n  Demonstrated team?management ability, preparation of management?level reports, capability to interact with higher ups in management steering committee meetings and skilled in handling cross?functional meetings to drive decisions and actions.\n </li>\n <li>\n  Mentor and onboard new team members through knowledge transfer sessions and hands on shadowing during their initial period.\n </li>\n</ul>\n<p>\n</p>\n<p>\n <strong>\n  Contributing Responsibilities\n </strong>\n</p>\n<ul>\n <li>\n  Extended knowledge of IT infrastructure &amp; Network and Application (Web, Client-Server, Payment Systems) security reviews\n </li>\n <li>\n  Provide consultation and recommendations on application security controls for the central region.\n </li>\n</ul>\n<p>\n</p>\n<p>\n <strong>\n  Technical &amp; Behavioral Competencies\n </strong>\n</p>\n<ul>\n <li>\n  Strong knowledge of application security framework and standards (OWASP TOP 10, NIST, SANS, ISO and relevant regulatory requirements)\n </li>\n <li>\n  Strong understanding of OWASP top 10, SAST/DAST/SCA, API security, secure coding practices, threat modeling, vulnerability management, cryptography techniques, authentication techniques (SSO, SAML, MFA/2FA, etc.), secure SDLC\n </li>\n <li>\n  Good communication skills\n </li>\n <li>\n  Knowledge of application security controls (Access control mechanisms and Data Security)\n </li>\n <li>\n  Should have IT audit background\n </li>\n <li>\n  Good knowledge of IT security (defense in depth)\n </li>\n</ul>\n<p>\n <strong>\n </strong>\n</p>\n<p>\n <strong>\n  Specific Qualifications:\n </strong>\n</p>\n<p>\n Any technical certification (CEH/ISO27001/CISM/CISA/CISSP) will be a value addition\n</p>\n<p>\n <strong>\n  Skills Referential (Required knowledge, skills and abilities)\n </strong>\n</p>\n<p>\n <strong>\n  Technical Skills:\n </strong>\n</p>\n<ul>\n <li>\n  AppSec assessments (Application security compliance review / API Security)\n </li>\n <li>\n  Vulnerability management and Remediation techniques\n </li>\n <li>\n  Governance framework and Reporting\n </li>\n</ul>\n<p>\n <strong>\n  Behavioral Skills:\n </strong>\n</p>\n<ul>\n <li>\n  Ability to collaborate / Teamwork\n </li>\n <li>\n  Ability to deliver / Results driven\n </li>\n <li>\n  Communication skills Oral &amp; Written\n </li>\n</ul>\n<p>\n <strong>\n  Education Level:\n </strong>\n Bachelor degree or equivalent\n</p>\n<p>\n <strong>\n  Location:\n </strong>\n Bengaluru/Mumbai\n</p>","employment_type":null,"industry":"","job_template":false,"country":{"name":"India","country_code":"IN","region":"Asia"},"is_job_displayable":true,"job_url":"https://talent500.com/jobs/bnp-paribas/application-security-manager-bengaluru-T500_CMP2170_15820_4419579600","created_at":"2026-06-02T19:20:05.713047+05:30","updated_at":"2026-06-04T19:40:04.035691+05:30","title_alias_1":null,"slug":"application-security-manager-bengaluru-T500_CMP2170_15820_4419579600","summary":null,"typical_workday":null,"what_you_offer":null,"what_you_need_to_succeed":null,"responsibilities":null,"type":null,"min_experience_years":0,"max_experience_years":0,"ctc_unit":"LPA","is_featured_job":false,"is_active":true,"job_code":"T500_CMP2170_15820_4419579600","external_id":null,"external_job_code":"15820_4419579600","is_anonymized":false,"mercurial_skills":null,"open_date":"2026-06-02T19:20:05.701708+05:30","published_at":"2026-06-04T12:50:19.759000+05:30","anonymization_needed":null,"anonymized_description":null,"xml_feed_anonymization":null,"unregistered_user_anonymization":null,"registered_user_anonymization":null,"pre_application_email_anonymization":null,"mettl_account":null,"job_table_sub_head":null,"job_table_short_desc":null,"is_remote":false,"job_video":null,"job_video_title":null,"job_video_description":null,"job_image_url":null,"role_summary":null,"syndication_control":true,"syndication_status":"new","syndication_job_title_alias":null,"sourcing_requirements_updated_at":null,"t500_sourcing_control":true,"status":"open","job_redirection_url":"https://click.appcast.io/t/vpNbnxqt-9UPYfBnbwGtrM9TlxjFU2ozGIC_7xUO5Xo5mQHckLRFlUzZ6xJuwLw6VviO-aUqv1cLvrLHd8H3mw==","is_external_job":true,"is_leadership_job":false,"leadership_confidentiality_level":null,"pricing_type":"cpc","is_auto_apply_eligible":false,"external_apply_url":null,"ats_provider":null,"apply_timeout_seconds":null,"recruiter":"1154daea-f24c-4f7f-aad6-494543ee6112","category":15,"job_sub_category":93,"role":null,"job_function":null,"job_sub_function":null,"naukri_industry":null,"naukri_functional_area":null,"naukri_role":null,"role_category":null,"linkedin_industry":null,"syndication_partners":[],"candidate_job_status":null,"candidate_job_id":null,"mettl_assessment_to_be_taken":false,"company_font_data":{"font-family":"Montserrat","url":"https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap"}}