Job Description Summary

Responsible for leading, consulting or overseeing multiple architectural engagements. Will work on highly complex projects that require in-depth knowledge within technical, solutions, business or information domains.
Job Description

Roles and Responsibilities

In this role, you will:
Conduct security and privacy assessments, which include VAPT, to determine compliance and security posture.
Design and drive the security requirements and concrete security feature implementations for the software / product architecture in Java, Web, and Cloud solutions.
Guide the product architects to ensure security is built in at the design level itself.
Review proposed services, engineering changes, and feature requests for security implications and needed security controls, and work on prototypes and design / implementation proposals together with the engineering teams.
Assist business units in the development and implementation of product security and Privacy practices including policies, standards, guidelines, and procedures.
Verify that security and privacy requirements defined in the security plans, risk assessments, policies, and procedures are followed, and protection measures are functioning as intended.
Guide the business unit in their management of the resolution of security audit or review findings. Assist with security incidents and review risk and impact of breaches to protected systems.
Product / Information security experience in all phases of service / product development and deployment including architecture, design, development, testing and deployment.
Strong expertise with Java, J2EE & application servers (like WildFly). Hands-on experience in execution and review of Static Code Analysis reports and the ability to discuss true positives with development teams.
Sound understanding of Cryptography, various Encryption Algorithms, Public Key Infrastructure (PKI) and Certificate Authority (CA).
Experience and knowledge of penetration testing methodologies and tools including security analyses, audits, and reviews.
Experience in Automation of pen test scenarios using Python or any other languages is mandatory.
Willingness to learn new technologies and work on security for varied products.
Education Qualification

Bachelor's Degree in Computer Science or STEM Majors (Science, Technology, Engineering and Math) with more than 12 years of development & security experience, which includes application security, mobile security, network security, OS security, Cloud Security, and IoT Security.
The ideal candidate would have worked on software development initially and then graduated into either S/W Lead or security assessments, ensuring security in the product design.

Desired Characteristics

Technical Expertise

Experience of information security assessment in the healthcare sector / IoT / Embedded Security.
Excellent Cyber Security capabilities.
Application Server security knowledge is a big plus.
Strong knowledge of secure software development lifecycle and practices such as threat modelling, security reviews, penetration tests, and security incident response.
Understanding of security by design principles and architecture-level security concepts.
Exposure to international privacy requirements.
Up-to-date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities.
Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders.
Sound security engineering knowledge (technical) so as to work collaboratively with the Tech Leads and software / product architects to ensure secure products.
Knowledge of information system architecture and security controls (e.g., firewall and border router configurations, wireless architectures, specialized appliances).
Sound implementation knowledge of Cryptography, various Encryption Algorithms, Public Key Infrastructure (PKI) and Certificate Authority (CA), OAuth authentication, 2FA.
Ability to relate cyber security incidents across industries.
understanding people's roles, can foresee obstacles, identify workarounds, leverage resources and rally teammates.
Understand how the internal and / or external business model works and facilitate active customer engagement.
Able to articulate the value of what is most important to the business / customer to achieve outcomes.
Able to produce functional area information in sufficient detail for cross-functional teams to utilize, using presentation and storytelling concepts.
Possess extensive knowledge of full solution catalog within a business unit and proficiency in discussing each area at an advanced level.
Six Sigma Green Belt Certification or equivalent quality certification.

Leadership

Demonstrated working knowledge of internal organization.
Foresee obstacles, identify workarounds, leverage resources, rally teammates.
Demonstrated ability to work with and / or lead blended teams, including 3rd party partners and customer personnel.
Demonstrated Change Management / Acceleration capabilities.
Strong interpersonal skills, including creativity and curiosity with ability to effectively communicate and influence across all organizational levels.
Proven analytical and problem resolution skills.
Ability to influence and build consensus with other Information Technology (IT) teams and leadership.

Additional Information

Relocation Assistance Provided: No