Security Architect
Bengaluru, India
Clinisys
Global provider of intelligent diagnostic informatics solutions and expertise designed to redefine labs across healthcare, life sciences, public healthRole : Product Security Architect
Responsibilities
- Prepare, publish, and institutionalize security best practices and guidelines across products. Ensure adoption and compliance.
- Review product security requirements and security design documentation. Participate in reviews throughout the product development cycle.
- Provide solutions for vulnerabilities and ensure reusable solutions are available across products. Work with Product Security Champions to mitigate or document vulnerabilities and obtain exceptional approvals if necessary.
- Conduct threat modeling design reviews and signoffs. Help mitigate WAF blockers during UAT/Production phases and work with Product Security Champions for product fixes.
- Maintain product-wise scanning status reports and conduct periodic audits on security processes followed by product development teams.
- Evaluate tools, technologies, and processes needed for secure product development as part of DevSecOps. Continuously improve product security and processes.
- Review third-party products and work with the Externally Obtainable Product (EOP) review team for approvals.
- Provide training and coaching on best practices, WAF analysis, and threat modeling to Product Security Champions
Knowledge, Skills and Abilities
- 10-18 years of hands-on experience as a Software Architect with .Net , RDBMS and full stack application design and development. Good knowledge of OWASP and other industry standards.
- Extensive experience working as Product Security Architect with software engineering experience
- Good knowledge of cloud security architecture, design , Cloud-Native Security, Cloud Security Posture Management , Data Security in the Cloud (Advanced Concepts),Zero Trust Architecture in the Cloud,Multi-Cloud and Hybrid Cloud Security,Security for AI/ML in the Cloud
- Good knowledge of OS, network security, firewalls, routers, IDS/IPS, data encryption, and related tools/technologies.
- Build application security architecture for products/services developed using containers. Knowledge of containers, network isolation, secure engineering practices, and identity and access management is preferred.
- Experience using tools such as Veracode, Acunetix, Sonarqube and others. Provide solutions for managing these DAST, SAST and Pen Test vulnerabilities.
- Experience with Azure Cloud and Azure DevOps, CI/CD integrations
- Understanding and Implementing the Security Shift Left Concept
Job Requirements
- Bachelor’s Degree in computer science, Information Science, Software Engineering, or related discipline, or equivalent work experience.
- Minimum of 10+ years of software development experience and 5+ years of experience as Software Architect with deep knowledge on Product Security
- Preferred to have Industry industry-recognized Security certification such as CCSP, CASP etc.
- Preferred to have any industry certification on Security
- Preferred to have healthcare industry experience
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits Azure CASP+ CCSP CI/CD Cloud Compliance Computer Science CSPM DAST DevOps DevSecOps Encryption Firewalls Full stack IAM IDS IPS Network security OWASP Product security RDBMS SAST SonarQube Veracode Vulnerabilities Zero Trust
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.