You will be responsible for leading, consulting or overseeing multiple architectural engagements. Will work on highly complex projects that require in-depth knowledge within technical, solutions, business or information domains.
Roles and Responsibilities
In this role, you will:
- Design, implement, and maintain security controls and best practices for multi Cloud environments.
- Ensure compliance with AWS Well-Architected Framework and security practices across multiple Cloud vendors
- Leverage partnerships effectively with the product development, program management, regulatory, privacy and legal teams to establish and enforce security requirements, plans, and policies for healthcare solutions which include applications, on-prem & SaaS Analytics solutions.
- Drive, develop and maintain policies, procedures, and documentation related to HIPAA and GDPR compliance.
- Lead development and implementation of product security and Privacy practices including policies, standards, guidelines, and procedures.
- Verify that security and privacy requirements defined in the security plans, policies, and procedures are followed and protection measures are functioning as intended.
- Lead security incidents and review risk and impact of breaches to protected systems.
- Review proposed services, engineering changes, and feature requests for security implications and needed security controls.
- Drive research and evaluation of emerging technologies, industry and market trends to assist in project development and/or operational support actives.
Qualification & Experience:
- Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math)
- 8+ years of development and security experience which includes application security, network security, OS security, Cloud Security
- Product/Information security experience in all phases of service/product development and deployment including architecture, design, development, testing and deployment.
- Experience in designing security solutions and threat modelling
- Experience in Security tooling and ideation of tools which eases Pen Test/Product Security needs
- Hands-on experience in review of Static Code Analysis reports and ability to discuss with development teams for true positives.
- Hands-on experience in review of Software Component Analysis reports and ability to discuss with development teams for true positives.
- Sound understanding of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA).
- Experience and knowledge of penetration testing methodologies and tools.
- Conducting information security analyses, audits, and reviews
- Experience in Automation of pen test scenarios using Python or any other languages is mandatory
- Willingness to learn new technologies and work on security for varied products.
- Solid security expertise on Containers, Kubernetes, Cloud Native Solutions and should be able to guide team in security solutioning and Pen Testing
- Should have experience in transforming DevOps to DevSecOps with exposure to tools, processes, governance
- Certifications like OSCP/CCSP/CISSP preferred
Desired Skills
- Experience of Information security assessment in healthcare sector for Cloud products
- Ideal candidate would have worked on the software development initially and then graduated in to either -Software/Lead/security assessments ensuring security in the product design
- Knowledge of information system architecture and security controls
- Sound implementation Knowledge of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA), OAUTH authentication
total rewardsare designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.