Application Security Specialist

About the Company:

Headquartered in California, U.S.A., GSPANN provides consulting and IT services to global clients. We help clients transform how they deliver business value by helping them optimize their IT capabilities, practices, and operations with our experience in retail, high-technology, and manufacturing. With five global delivery centers and 2000+ employees, we provide the intimacy of a boutique consultancy with the capabilities of a large IT services firm.

Role Purpose:

Own operational SSDLC for 180 in-house apps + 900 third party/SaaS, drive adoption of Client SSDLC processes/tools, integrate security in Agile/DevOps/CI CD, coordinate remediation, and deliver pre release security reviews and monthly reporting.

Job Position: Application Security Specialist (L3) – SSDLC Operations

Experience Required: 8 to 10 Years.

Location: Hyderabad/Gurugram

Primary Tools: Apiiro ASPM, GitHub Advanced Security (CodeQL, Secret scanning, Dependabot), Checkmarx, SD Elements, Jira/Confluence, GitHub Actions.

Key Responsibilities

• Drive SSDLC adoption across design→build→test→release→operate

• Conduct security reviews before release and enforce gates

• Integrate SAST/SCA/Secrets (Checkmarx, GitHub AS) and ASPM (Apiiro) into CI/CD (GitHub Actions/PR checks)

• Coordinate DAST enablement with DAST Ops; ensure pipelines block on critical findings

• Triage findings; create Jira remediation workflows; track SLA fixes and escalate delays

• Maintain vulnerability dashboards (Jira/Confluence, Apiiro)

• Provide developer training and Security Champions enablement

• Perform security assessments of third party/SaaS apps

Required Skills & Experience

8 to 10 years in AppSec/SSDLC operations; hands on with Apiiro, GitHub Advanced Security (CodeQL, secrets), Checkmarx, Jira/Confluence; strong CI/CD experience (GitHub Actions), SAST/SCA/DAST pipelines; vendor coordination; ability to coach developers (Java/.NET/JS/Python).

Shift Coverage 24×7 roster; L2/L3 on-call for P1 release blockers and urgent findings; formal handovers.

Systems Access & Request Process

• Apiiro: Project Admin via Jira/ServiceNow → AppSec Manager approval → Platform owner grant → quarterly recert.
• GitHub AS: Repo security settings via DevTools; approvals by Repo Owner + AppSec.
• Checkmarx: Project Admin; license tracked in Confluence; AppSec Manager approval. Jira/Confluence: Project + dashboard permissions via group; AppSec approval. SD Elements: Analyst/Admin (limited to leads).

Why choose GSPANN

“We GSPANNians” are at the heart of the technology that we pioneer. We do not service our customers, we co-create.

With the passion to explore solutions to the most challenging business problems, we support and mentor the technologist in everyone who is a part of our team. This translates into innovations that are path-breaking and inspirational for the marquee clients, we co-create a digital future with.

GSPANN is a work environment where you are constantly encouraged to sharpen your abilities and shape your growth path, We support you to become the best version of yourself by feeding your curiosity, providing a nurturing environment, and giving ample opportunities to take ownership, experiment, learn and succeed.

We’re a close-knit family of more than 2000 people that supports one another and celebrates successes, big or small. We work together, socialize together, and actively serve the communities we live in.

We invite you to carry forward the baton of innovation in technology with us.

At GSPANN, we do not service. We Co-create.

Discover your inner technologist - Explore and expand the boundaries of tech innovation without the fear of failure.

Accelerate your learning - Shape your career while scripting the future of tech. Seize the ample learning opportunities to grow at a rapid pace

Feel included - At GSPANN, everyone is welcome. Age, gender, culture, and nationality do not matter here, what matters is YOU

Inspire and Be Inspired - When you work with the experts, you raise your game. At GSPANN, you’re in the company of marquee clients and extremely talented colleagues

Enjoy Life - We love to celebrate milestones and victories, big or small. Ever so often, we come together as one large GSPANN family

Give Back - Together, we serve communities. We take steps, small and large so we can do good for the environment, weaving in sustainability and social change in our endeavors.

We invite you to carry forward the baton of innovation in technology with us.

Let’s Co-create.