Job Title

Job Title: Manager / Assistant Manager: Application Security Engineer (Automation & Incident Response)Location: Pune, IndiaMonday to Friday Work From Office, Baner PuneShift Time : 03:00 PM IST To 00:00 AM ISTCab Facility To&Fro from residenceEQUIPE CONTAINER SERVICES INDIA PRIVATE LIMITED is a subsidiary of WillScot.At WillScot (NASDAQ WSC), our 4000+ people are at the heart of everything we do. In addition to providing industry-leading pay and benefits, we provide opportunities for development and upward mobility, while investing in the communities we serve. We are the undisputed leader in providing innovative flexible workspace and portable storage solutions, serving an incredible range of customers across all industries from 240+ locations across the United States, Canada, and Mexico.Our values are our foundation. We constantly strive to diversify our teams to ensure we have the best and brightest talent. We’re deeply committed to creating an inclusive and equitable workplace where each person can contribute while being their authentic self. For more about WillScot and who we are, click here. Build your future with us!Job DescriptionSummary / ObjectiveThis role requires in-depth knowledge and experience across multiple technology disciplines with the ability to define, support, and enhance application security and cybersecurity operational processes while supporting IT strategy and business objectives.Essential FunctionsApplication Security Duties Partner with Software Development teams to ensure application security best practices are implemented into Software Development Lifecycle (SDLC) processes.Partner with Software Development teams to fully integrate application security testing tools into the CI/CD pipeline.Review findings and provide vulnerability remediation prioritization consulting.Perform vulnerability remediation validation to ensure applied fixes address the vulnerability.Maintain and enhance application security metrics and dashboards to track application security posture across the various software development teams.Mature security controls related to SDLC processes and CI/CD pipelines.Automation Skills DutiesBuild and maintain API integrations between security tools and enterprise systems.Develop and maintain software programs/scripts to perform ETL (extract, transform, load) for security data aggregation and reporting.Automate repetitive security tasks to improve efficiency and scalability.Incident Response Duties Monitors, responds, and performs additional security event triage on escalated security events from MSSPs and IT Service Desk.Follows established security incident response playbook/procedures to classify, prioritize, and escalates possible security incidents based on impact and urgency.Engages internal and trusted external partners who can provide subject matter expertise throughout the security incident lifecycle (e.g., detection and analysis, containment, eradication and recovery, post-incident activities).Documents incident timelines, decisions, and actions taken.Participates in root cause analysis and lessons learned sessions and updates playbook based on findings.Defines, gathers, and documents metrics related to the security event and incident management.Other DutiesEstablish and maintain a strong working relationship across technical and business teams.Successfully manage time and technical responsibilities to meet expectations and deadlines.Ensures internal and 3rd party provided IT solutions meet business needs and comply with security requirements while adhering to established company standards, policies, methodologies, and industry best practices.Build relationships with technical and business teams to understand their needs, priorities, roadmap, and definition of success.Effectively develop and communicate documentation intended for both business and technical audiences.Reporting: Will manage a team of 5-6 resources and Reports To Head of Technology GCCQualificationsBachelor’s degree (preferred: IT‑related field)BE/B Tech/ BCA/MCA Preferred8-16 Years of strong experience in Cybersecurity with relevant certifications.Practical knowledge of industry cybersecurity frameworks (e.g., NIST, MITRE ATT@CK) and best practices (e.g., CWE, OWASP).Strong understanding of data privacy and protection standards and regulations (e.g., CCPA, PCI, SOX).Deep understanding of Software Development Lifecycle and secure coding principles.Strong technical background in at least 2 specialty areas below with overall exposure to at least 4 of the following:Application protocols (e.g., HTTPS, TLS, APIs)Web servers and applicationsContainers and orchestration technologiesServer-less technologiesHandheld Mobile OSs (e.g., Android, iOS)Cloud Services (e.g., AWS, Azure, GCP)AI Services (e.g., GenAI, Agentic AI)DevOps technologies (e.g., software repositories, build, CI/CD) o Automation and scriptingKnowledge and experience with cybersecurity frameworks and technologies ATT&CK TTPsOWASP Top 10 (e.g., web, mobile, LLMs)Threat ModelingApplication Security Testing Tools (e.g., SAST, SCA, DAST, API)Vulnerability Verification Testing Platforms and Tools (e.g., Kali Linux) o Data confidentiality technologies (e.g., encryption, tokenization, key lifecycle management) o Data integrity technologies (e.g., hashing, data validation, error handling)Data availability technologies (e.g., DoS protection, WAF)Programming and scripting languages (e.g., Python, JavaScript) o SIEM and SOAR technologies o Incident response processes and forensics techniques and toolsProject management skillsAbility to negotiate, influence, and collaborate to build successful relationshipsStrong verbal, written, and interpersonal communication skills • Relevant industry certifications such as CEH, OSCP, GCIH are highly desirableExperience working in Agile delivery models with strong testing, documentation, and change management disciplineStrong troubleshooting, analytical, and problem‑solving skillsEffective communication skills and ability to collaborate with cross‑functional