Cyber Security Architect
Company: Wipro Ltd.
Location: Fort Worth
Posted on: January 25, 2023
|
|
Job Description:
n Principal Duties and Responsibilities: n Support the Software
Engineers for implementing different security features in our
medical devices and software products. n Preparing and updating
Threat Models n Updating the Security Risk Assessment file and CVSS
scoring n Preparing and updating the security controls documents
for Regulatory team n Review of static code and binary analysis
reports with peer cybersecurity experts n Preparing the Security
Risk Management File and Reports n Enhance existing External /
Internal Vulnerability Testing Process to feed and maintain
Inventory cryptography information. n Willingness to perform
documentation and verification of safety relevant functions in a
highly regulated environment (EU MDR experience is an advantage). n
Point of contact for getting the penetrating testing initiated and
completed n Approver for all cybersecurity documents n n Experience
and Skills needed: n Solid programming skills in C/C++. n Know-how
on Cryptographic Libraries like wolfssl or openssl. n Knowledge on
encryption and signing techniques - development level. n Exposure
to technologies related to TSS and PKCS suite. n Security
Engineering on issues around PKI. n Skillset covering experience to
integrate cryptographic functions related to encryption, credential
protection (e.g. password encryption, key management), TLS, etc. n
Exposure to scripting languages like JavaScript or Python. n Know
and recognize application security issues such as cross-site
scripting, authorization, injection attacks, buffer overflows etc.
in code and provide remediation recommendations. n Work
independently or with fast moving Agile development teams. n
Demonstrate skills of self-management in terms of priorities and
responsibilities. n One industry certification (e.g., CISSP, CCSP,
CSSLP, OSCP, GWEB, CEH, etc.) preferred n Role Purpose n The
purpose of this role is to design the organisation?scomputer and
network security infrastructure and protect its systems
andsensitive information from cyber threats. n n Do n n n Design
and develop enterprise cyber security strategyand architecturen n
Understand security requirements by evaluating businessstrategies
and conducting system security vulnerability and riskanalyses n
Identify risks associated with business processes, operations, n n
n n information security programs and technology projects n n
Identify and communicate current and emerging security threatsand
design security architecture elements to mitigate threats as
theyemerge n Identify security design gaps in existing and
proposedarchitectures and recommend changes or enhancements n
Provide product best fit analysis to ensure end to end
securitycovering different faucets of architecture e.g. Layered
security,Zoning, Integration aspects, API, Endpoint security, Data
security,Compliance and regulations n Demonstrate experience in
doing security assessment against NISTFrameworks, SANS, CIS, etc. n
Provide support during technical deployment,
configuration,integration and administration of security
technologies n Demonstrate experience around ITIL or Key
process-orienteddomains like incident management, configuration
management, changemanagement, problem management etc. n Provide
assistance for disaster recovery in the event of anysecurity
breaches, attacks, intrusions and unusual, unauthorized orillegal
activity n Provide solution of RFP?s received from clients and
ensureoverall design assurancen n Develop a direction to manage the
portfolio of to-be-solutionsincluding systems, shared
infrastructure services, applications,hardware related to cyber
risk security in order to better matchbusiness outcome objectives n
Analyse technology environment, enterprise specifics,
clientrequirements to set a collaboration design framework/
architecture n n n n n Depending on the client?s need with
particular standards andtechnology stacks create complete RFPs n n
n Provide technical leadership to the design, development
andimplementation of custom solutions through thoughtful use of
moderntechnology n Define and understand current state solutions
and identifyimprovements, options & tradeoffs to define target
state solutions n Clearly articulate and sell architectural
targets, recommendationsand reusable patterns and accordingly
propose investment roadmaps n n n Evaluate and recommend solutions
to integrate with overalltechnology ecosystem n Tracks industry and
application trends and relates these to planningcurrent and future
IT needs n n n n Stakeholder coordination & audit assistancen n
Liaise with stakeholders in relation to cyber security issuesand
provide timely support and future recommendations n Provide
assistance in maintaining an information security riskregister and
help with internal and external audits relating toinformation
security n Support audit of security best practices and
implementation ofsecurity principles across the organization, to
meet business goalsalong with customer and regulatory requirements
n Assist with the creation, maintenance and delivery of
cybersecurity awareness training to team members and customers n
Provide training to employees on issues such as spam andunwanted or
malicious emails n n n n n n Stakeholder Interaction n n n n n n
Stakeholder Type n n n Stakeholder Identification n n n Purpose of
Interaction n n n n n Internal n n n Program Manager/Director n n n
Regular reporting & updates n n n n n Infrastructure (CIS team) n n
n For infrastructure support n n n n n External n n n Customer n n
n n To coordinate for all security breaches & resolutions n n n n n
n n n Display n n Lists the competencies required to perform this
role effectively: n n Functional Competencies/ Skilln n Leveraging
Technology - Knowledge of current and upcoming securitytechnologies
(e.g. Firewalls, IPS, DDoS, SIEM, WAF, Endpoint etc.)
andunderstanding of compliance regulatory requirement like PCI DSS,
HIPAA,etc.- Expert n Systems Thinking ? Understanding of the Wipro
system(interrelatedness, interdependencies and boundaries) and
perform problemsolving in a complex environment - Expert n
Leveraging Technology ? In-depth knowledge of and mastery
overecosystem technology that commands expert authority respect
?Master n Technical Knowledge - Certified Information Systems
SecurityProfessional (CISSP), Cloud Architect Certification from
AWS and Azure,ToGAF or SABSA certification-Master n n n n n n n n n
n Competency Levels n n n n n Foundation n n n Knowledgeable about
the competency requirements. Demonstrates (inparts) frequently with
minimal support and guidance. n n n n n Competent n n n
Consistently demonstrates the full range of the competencywithout
guidance. Extends the competency to difficult and unknownsituations
as well. n n n n n Expert n n n Applies the competency in all
situations and is serves as a guideto others as well. n n n n n
Master n n n Coaches others and builds organizational capability in
thecompetency area. Serves as a key resource for that competency
and isrecognized within the entire organization. n n n n n n n
Behavioral Competenciesn n Effective Communication n Managing
Complexity n Client centricity n Technology Acumen n Innovation n
Problem Solving approach n Collaborative Working n Execution
Excellence n n n n n n n n n Deliver n n n n n n No. n n n
Performance Parameter n n n Measure n n n n n 1. n n n Customer
centricity n n n Timely security breach solutioning to end users,
Internalstakeholders & external customers experience, CSAT,
educating andsuggesting right control to the customers. n n n n n
2. n n n Support sales team to create wins n n n % of proposals
with Quality Index > 7, timely support ofthe proposals,
identifying opportunities/ leads to sell services within/outside
account (lead generation), no. of proposals led n n n n n n Cloud
Product & Platform Testing
Keywords: Wipro Ltd., Fort Worth , Cyber Security Architect, Professions , Fort Worth, Texas
Click
here to apply!
|