Job Description:
Role Summary:
Leads end-to-end design and governance of an AI-driven vulnerability detection and remediation platform, ensuring Zero Trust, compliance, auditability and secure SDLC integration.
Required Skills:
• AppSec (SAST, SCA, DAST), API security, IAM
• Strong in Checkmarx / Snyk / Fortify ecosystem
• Zero Trust (NIST 800-207), cloud security (GCP/Azure)
• AI security (prompt injection, model abuse, LLM risk management)
• CI/CD (GitHub, Jenkins, GitLab)
AI/Agentic Expectations:
• Define agent orchestration strategy (multi-agent + judge model)
• Establish guardrails for AI decisions and suppression workflows
• Lead RAG-based knowledge integration for secure coding
Key Responsibilities:
• Define AI-driven AppSec reference architecture (Checkmarx + CI/CD + Agentic AI)
• Lead Zero Trust Architecture (ZTA) design (API security, identity, RBAC, ABAC)
• Define secure SDLC & DevSecOps frameworks
• Drive LLM-driven vulnerability detection and remediation governance
• Lead risk assessment, compliance mapping (PCI-DSS, SOX, OSFI, NIST)
• Oversee multi-agent decision governance (LLM judge, consensus controls)
• Ensure auditability (trace IDs, evidence logs, SIEM integration)
• Conduct AI/ML security risk reviews (model integrity, prompt injection, data leakage)
• Define policy for auto-remediation vs escalation thresholds
TCS does not use artificial intelligence tools for candidate screening or evaluation. This post is for a current vacancy. The hiring process includes an initial screening, followed by a technical evaluation and managerial discussion.
Thank you for your interest in TCS. Candidates that meet the qualifications for this position will be contacted within a 2-week period. We invite you to continue to apply for other opportunities that match your profile.