Cyber Security Architect

Company: Wipro Ltd.
Location: Fort Worth
Posted on: January 25, 2023

Job Description:

n Principal Duties and Responsibilities: n Support the Software Engineers for implementing different security features in our medical devices and software products. n Preparing and updating Threat Models n Updating the Security Risk Assessment file and CVSS scoring n Preparing and updating the security controls documents for Regulatory team n Review of static code and binary analysis reports with peer cybersecurity experts n Preparing the Security Risk Management File and Reports n Enhance existing External / Internal Vulnerability Testing Process to feed and maintain Inventory cryptography information. n Willingness to perform documentation and verification of safety relevant functions in a highly regulated environment (EU MDR experience is an advantage). n Point of contact for getting the penetrating testing initiated and completed n Approver for all cybersecurity documents n n Experience and Skills needed: n Solid programming skills in C/C++. n Know-how on Cryptographic Libraries like wolfssl or openssl. n Knowledge on encryption and signing techniques - development level. n Exposure to technologies related to TSS and PKCS suite. n Security Engineering on issues around PKI. n Skillset covering experience to integrate cryptographic functions related to encryption, credential protection (e.g. password encryption, key management), TLS, etc. n Exposure to scripting languages like JavaScript or Python. n Know and recognize application security issues such as cross-site scripting, authorization, injection attacks, buffer overflows etc. in code and provide remediation recommendations. n Work independently or with fast moving Agile development teams. n Demonstrate skills of self-management in terms of priorities and responsibilities. n One industry certification (e.g., CISSP, CCSP, CSSLP, OSCP, GWEB, CEH, etc.) preferred n Role Purpose n The purpose of this role is to design the organisation?scomputer and network security infrastructure and protect its systems andsensitive information from cyber threats. n n Do n n n Design and develop enterprise cyber security strategyand architecturen n Understand security requirements by evaluating businessstrategies and conducting system security vulnerability and riskanalyses n Identify risks associated with business processes, operations, n n n n information security programs and technology projects n n Identify and communicate current and emerging security threatsand design security architecture elements to mitigate threats as theyemerge n Identify security design gaps in existing and proposedarchitectures and recommend changes or enhancements n Provide product best fit analysis to ensure end to end securitycovering different faucets of architecture e.g. Layered security,Zoning, Integration aspects, API, Endpoint security, Data security,Compliance and regulations n Demonstrate experience in doing security assessment against NISTFrameworks, SANS, CIS, etc. n Provide support during technical deployment, configuration,integration and administration of security technologies n Demonstrate experience around ITIL or Key process-orienteddomains like incident management, configuration management, changemanagement, problem management etc. n Provide assistance for disaster recovery in the event of anysecurity breaches, attacks, intrusions and unusual, unauthorized orillegal activity n Provide solution of RFP?s received from clients and ensureoverall design assurancen n Develop a direction to manage the portfolio of to-be-solutionsincluding systems, shared infrastructure services, applications,hardware related to cyber risk security in order to better matchbusiness outcome objectives n Analyse technology environment, enterprise specifics, clientrequirements to set a collaboration design framework/ architecture n n n n n Depending on the client?s need with particular standards andtechnology stacks create complete RFPs n n n Provide technical leadership to the design, development andimplementation of custom solutions through thoughtful use of moderntechnology n Define and understand current state solutions and identifyimprovements, options & tradeoffs to define target state solutions n Clearly articulate and sell architectural targets, recommendationsand reusable patterns and accordingly propose investment roadmaps n n n Evaluate and recommend solutions to integrate with overalltechnology ecosystem n Tracks industry and application trends and relates these to planningcurrent and future IT needs n n n n Stakeholder coordination & audit assistancen n Liaise with stakeholders in relation to cyber security issuesand provide timely support and future recommendations n Provide assistance in maintaining an information security riskregister and help with internal and external audits relating toinformation security n Support audit of security best practices and implementation ofsecurity principles across the organization, to meet business goalsalong with customer and regulatory requirements n Assist with the creation, maintenance and delivery of cybersecurity awareness training to team members and customers n Provide training to employees on issues such as spam andunwanted or malicious emails n n n n n n Stakeholder Interaction n n n n n n Stakeholder Type n n n Stakeholder Identification n n n Purpose of Interaction n n n n n Internal n n n Program Manager/Director n n n Regular reporting & updates n n n n n Infrastructure (CIS team) n n n For infrastructure support n n n n n External n n n Customer n n n n To coordinate for all security breaches & resolutions n n n n n n n n Display n n Lists the competencies required to perform this role effectively: n n Functional Competencies/ Skilln n Leveraging Technology - Knowledge of current and upcoming securitytechnologies (e.g. Firewalls, IPS, DDoS, SIEM, WAF, Endpoint etc.) andunderstanding of compliance regulatory requirement like PCI DSS, HIPAA,etc.- Expert n Systems Thinking ? Understanding of the Wipro system(interrelatedness, interdependencies and boundaries) and perform problemsolving in a complex environment - Expert n Leveraging Technology ? In-depth knowledge of and mastery overecosystem technology that commands expert authority respect ?Master n Technical Knowledge - Certified Information Systems SecurityProfessional (CISSP), Cloud Architect Certification from AWS and Azure,ToGAF or SABSA certification-Master n n n n n n n n n n Competency Levels n n n n n Foundation n n n Knowledgeable about the competency requirements. Demonstrates (inparts) frequently with minimal support and guidance. n n n n n Competent n n n Consistently demonstrates the full range of the competencywithout guidance. Extends the competency to difficult and unknownsituations as well. n n n n n Expert n n n Applies the competency in all situations and is serves as a guideto others as well. n n n n n Master n n n Coaches others and builds organizational capability in thecompetency area. Serves as a key resource for that competency and isrecognized within the entire organization. n n n n n n n Behavioral Competenciesn n Effective Communication n Managing Complexity n Client centricity n Technology Acumen n Innovation n Problem Solving approach n Collaborative Working n Execution Excellence n n n n n n n n n Deliver n n n n n n No. n n n Performance Parameter n n n Measure n n n n n 1. n n n Customer centricity n n n Timely security breach solutioning to end users, Internalstakeholders & external customers experience, CSAT, educating andsuggesting right control to the customers. n n n n n 2. n n n Support sales team to create wins n n n % of proposals with Quality Index > 7, timely support ofthe proposals, identifying opportunities/ leads to sell services within/outside account (lead generation), no. of proposals led n n n n n n Cloud Product & Platform Testing

Keywords: Wipro Ltd., Fort Worth , Cyber Security Architect, Professions , Fort Worth, Texas