Manager

Job Code/ Requisition ID

 

Location

Bangalore

Division

PSB OD

Department / Function

Offer Development

Position Name

 

Designation

Manager

Role

Individual

 

Team                 

 

Reporting To

Biswanath Saha

Job Specification

 

Are you passionate in developing a multitude of products and solutions in IoT and adjacent consumer electrical/electronics verticals that positively impact consumer lives? Do you desire to develop multi-domain expertise with cutting across electrical, electronics and IoT domains? Do you love consumer-centric innovation and to lead the execution of the project from insight to mass production?

 

As a Product Security Architect (Software, Hardware/Firmware), you will be responsible for ensuring the security, integrity, and confidentiality of the hardware, software systems and applications developed by Luminous. You will work closely with development teams, project managers, and other stakeholders to design, implement, and maintain robust security measures and best practices throughout the software development lifecycle. Your primary objective will be to identify potential security vulnerabilities, define security requirements, and implement effective solutions to safeguard sensitive data and protect against cyber threats.

 

Qualification/ Personal Attributes

Qualification

• Bachelors / Master’s degree in Computer Science, Information Security or similar

 

Experience

• 8-10 years of experience in software & firmware security (for Web application, Mobile App in IoT domain)
• Proven experience as a Software & firmware Security Architect or in a similar role.
• In-depth knowledge of software security principles, secure coding practices, Database security and common security vulnerabilities.
• Drafting polices related to product security.
• Expertise in Cloud Security
• Experience in DevSecOps
• Experience with security testing tools and methodologies, including static code analysis, dynamic analysis, and penetration testing.
• Strong understanding of authentication and authorization protocols (e.g., OAuth, SAML, JWT) and encryption techniques.
• Familiarity with compliance standards such as OWASP, ISO 27001, NIST, and PCI DSS.
• Proven experience as an IoT Security Architect or a similar role with a focus on IoT security.
• Solid understanding of IoT architectures, protocols, and technologies.
• In-depth knowledge of IoT security principles, secure design patterns, and common IoT vulnerabilities.
• Experience with IoT security frameworks and industry standards (e.g., IoT Security Foundation, IEC 62443, NIST SP 800-53).
• Familiarity with IoT device security features (e.g., hardware security modules, Trusted Platform Modules).
• Strong understanding of network security and encryption technologies
• Excellent communication and collaboration skills to work effectively with cross-functional teams.
• Relevant certifications such as CISSP, CSSLP, or CISM are a plus.
• Team handling experience (with Pen tester, Security analyst & DevSecOps engineer)

 

 

Skills & Attributes

• Problem-solving skills with a sharp analytical mind
• Capability to collaborate with cross functional teams/3rd parties
• Understanding the business side of the application
• An ardent researcher of market trends and technology evaluation

Job Description

Responsibilities

 

1. Security Architecture Design:

• Develop and design the security architecture for software applications and systems, taking into consideration various factors like scalability, performance, and usability while ensuring robust security measures.
• Create and maintain security policies, standards, and guidelines for the development and deployment of software applications.

 

2. Threat Modeling and Risk Assessment:

• Perform threat modeling and risk assessments for software projects to identify potential security risks and vulnerabilities.
• Collaborate with cross-functional teams to prioritize and address security issues based on the severity of risks.

 

3. Secure Coding Practices:

• Advise development teams on secure coding practices and conduct code reviews to identify and rectify security flaws.
• Promote the adoption of security-related best practices and coding standards across the development teams.

4. Security Testing:

• Plan and oversee security testing activities, including penetration testing, vulnerability scanning, and code analysis.
• Plan and oversee security testing activities for IoT devices and applications, including penetration testing and vulnerability assessments.
• Analyze and interpret the results of security testing and work with the development teams to address identified issues.

 

5. Authentication and Authorization:

• Design and implement strong authentication and authorization mechanisms to control access to software applications and data.
• Integrate industry-standard authentication and authorization protocols into the software systems.

 

6. Encryption and Data Protection:

• Ensure the appropriate use of encryption techniques to protect sensitive data at rest and in transit.
• Implement data protection mechanisms to safeguard the confidentiality and integrity of data.

 

7. Incident Response and Security Monitoring:

• Collaborate with the incident response team to develop incident response plans and participate in security incident handling and investigations.
• Implement security monitoring solutions to detect and respond to security incidents proactively.

 

8. Compliance and Governance:

• Support compliance audits and assessments related to software security.
• Stay up-to-date with industry security trends, regulations, and best practices to ensure compliance with relevant security standards.

 

9.  IoT Data Security:

•    Establish data security and privacy measures for IoT data storage, transmission, and processing.
•    Implement encryption and data access controls to safeguard sensitive data collected by IoT devices.
   

10. Network Security for IoT:

• Design and implement secure communication protocols for IoT networks, ensuring data confidentiality and integrity.
• Implement network segmentation and access controls to isolate and protect critical IoT components.

 

About Luminous

Luminous Power Technologies, a leader in power solutions, is a 31-year-old company which started as a small venture. Now on its brand transformation journey, its mission is to become a name synonymous with all-encompassing home electrical, power backup and residential solar solutions and create millions of happy homes in India.

 

Today, Luminous is already a powerful, trustworthy brand name in 100 million Indian homes, In the course of this successful journey, it has embraced the core values of reliability, consistency, longevity and the highest standards of integrity along with dynamic ideas and innovation. Its consumer-centric focus has led Luminous into new categories to deliver excellence in every product and home solution it offers. 

With 7 manufacturing units, more than 28 sales offices in India and presence in over 36 countries our 6000 employees serve more than 60,000 channel partners and millions of customers. Our motto has always been Customer Delight through Innovation & Passion with focus on Execution & Team-work. At Luminous, we passionately innovate to make life comfortable and efficient.

 

Luminous is a group company of Schneider Electric, a global leader in energy management with presence in over 100 countries, 1.5 lakh people and a revenue of Rs. 2 lakh crore.

 

• Career Page- http://joinus.luminousindia.com/
• LinkedIn- https://www.linkedin.com/company/luminous-power-technologies-p-ltd/
• Home Page- https://www.luminousindia.com/about-us
• Glassdoor-https://www.glassdoor.co.in/Overview/Working-at-Luminous-Power-Technologies-P-       EI_IE519545.11,40.htm