ITC Infotech
Application Security Specialist
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About ITC Infotech
ITC Infotech is a global technology services and solutions provider, established in 2000 as a subsidiary of ITC Limited, based in Kolkata, India. The company specializes in IT solutions, consulting, and digital transformation, utilizing expertise from its parent company's diverse sectors, including consumer goods and agribusiness. Headquartered in Bengaluru, ITC Infotech has over 10,000 employees and operates in 43 countries. The company offers a range of services, including supply chain management, customer experience enhancement, data solutions, and Internet of Things (IoT) applications. ITC Infotech focuses on industries such as banking, consumer packaged goods, retail, manufacturing, and healthcare. It aims to integrate technology with domain knowledge to improve client efficiency and deliver value across various sectors.
Security at ITC Infotech
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- ITC Infotech focuses on integrated transformation and proactive testing through Application Security & Penetration Testing.
- The company prioritizes early integration in the development lifecycle with shift-left AppSec testing.
- Risk assessment utilizes standardized frameworks, particularly the Well-Architected Framework.
- The organization emphasizes automation to scale security efforts through an AppSec Automation Framework.
Security Team
Org Structure & Reporting Line: Information not publicly available regarding internal reporting lines (e.g., CISO/CTO), though job postings indicate a global delivery model with specific regional focuses. Key Public-Facing Leaders: Soumyendu Das, Principal Consultant - Cybersecurity with expertise in Applied Cryptography, TLS, Application Security, Security Architecture, and OWASP. Team Size Estimate: ~15-30 professionals globally with expertise in Application Security. Active AppSec Job Postings: 2 identified in recent cycles with emphasis on vulnerability management (Tenable, Wiz) and web application testing (OWASP).
Key Initiatives
- Shift Left in Practice: Implemented through automated testing frameworks.
- Vulnerability Management Process: Includes penetration testing and automated scanning with intake management, triage/remediation managed through SOC functions and cloud-native tools, including monitoring and reporting on MS Azure Sentinel.
- Secure SDLC Artifacts: Adherence to industry standards for web testing with Web Application Security Testing adhering to OWASP Standards.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.