Application Security Manager
Job Details
About the Company
ALLSTARSIT operates development hubs across Central and Eastern Europe, Israel, the UAE, India, the Philippines, and LATAM, with headquarters in San Francisco, US. The company has over 1,000 talented software engineers and tech specialists across all locations.
About the Project
Bolttech is an international insurtech with a mission to build the world’s leading, technology-enabled ecosystem for protection and insurance. With a full suite of digital and data-driven capabilities, bolttech powers connections between insurers, distributors, and customers to make it easier and more efficient to buy and sell insurance and protection products.
A part of Pacific Century Group, bolttech serves customers in multiple markets across North America, Asia and Europe.
Specialization
Headquarters
Years on the market
Team size and structure
Current technology stack
Required skills:
- At least 7 years professional experience implementing and managing all aspect of secure software development practices
- Excellent knowledge of all vulnerabilities and weaknesses in the OWASP Top 10, WASC TCv2, and CWE 25 and effective defensive techniques
- Familiarity with industry standards and regulations including PCI, SOX, and ISO27001
- Hands-on experience with automated testing solutions (SAST, DAST, IAST, SCA) and integrating these into the development lifecycle
- Understanding of current technology and regulatory trends affecting financial institution information security programs
- Demonstrated exceptional written and verbal English communication skills
Scope of work:
Drive bolttech’s application security (AppSec) and DevSecOps strategy across the Group and its Business Units leveraging the latest technologies on the market.
- Advising on application security best practices and supporting the development teams in product delivery, including architecture review processes whenever application security expertise is needed
- Improving and maintaining secure development standards
- Supporting the incident response and architecture review processes whenever application security expertise is needed
- Applying DevSecOps and agile methodologies across the organization
- Coordinating security assessments, including penetration tests and a bug bounty program
- Producing metrics reporting the state of application security programs an performance of development teams against requirements
Why ALLSTARSIT?
More open positions

