Netcracker Technology is seeking an experienced and technically skilled Application Security Testing Manager to lead security testing across web, API, and mobile applications. You’ll work at the forefront of digital transformation for telecom giants, delivering secure BSS/OSS, cloud, 5G, IoT, and virtualization solutions globally.

This role is ideal for a security expert who understands the threats, tools, and best practices in securing large-scale applications—and who can manage a high-performing security testing team.

🚀 Key Responsibilities

• Lead a team of security testers executing security assessments for web, mobile, and API platforms

• Oversee SAST (Static), DAST (Dynamic), SCA (Software Composition), and MAST (Mobile) security testing activities

• Create security test strategies, plans, reports, and risk-scoring documentation

• Manage the security testing lifecycle using tools like JIRA, tracking vulnerabilities and ensuring timely remediation

• Collaborate with Development, QA, DevOps, and clients to embed security into the SDLC

• Educate internal teams on OWASP Top 10, CWE, and secure coding best practices

• Monitor emerging threats and suggest risk mitigation strategies

• Represent the Application Security team in audits, cross-functional meetings, and client reviews

🎯 Required Skills & Qualifications

• 8–15 years of experience in Application Security Testing

• At least 2–3 years in a leadership/managerial role

• Strong knowledge in both manual and automated security testing techniques

• Experience with SAST, DAST, SCA tools, and frameworks

• Proficiency in testing RESTful APIs, web apps, and mobile applications

• In-depth knowledge of OWASP Top 10, CWE, secure development, and vulnerability management

• Familiarity with OAuth 2.0, OpenID Connect, SAML, TLS, and cryptography fundamentals

• Experience integrating security into CI/CD pipelines (DevSecOps)

• Excellent communication, documentation, and stakeholder engagement skills

📜 Preferred Certifications

• OSCP (Offensive Security Certified Professional)

• CEH (Certified Ethical Hacker)

• GWAPT (GIAC Web Application Penetration Tester)

• Any equivalent or higher application security certification

🎓 Education

• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related technical field