Omega Healthcare - Information Security Architect

12 - 15 Years

Hyderabad

Posted 4 months ago

#Information Security #IT Security #Cyber Security #IT Controls #IT Compliance #IT Audit

Job Description for:

Information Security Architect:

- Design and implement security architectures, frameworks, and standards to ensure the CIA.

- Provide technical leadership and guidance to security engineers, analysts, and administrators in the implementation and maintenance of security controls.

- Monitor and assess emerging cybersecurity threats, vulnerabilities and trends to proactively identify and address potential risks to the organization.

- Knowledge of secure software development frameworks, and libraries (OWASP ASVS, OWASP Top10, ESAPI) to prevent common security vulnerabilities.

- Perform threat modelling exercises to identify potential security threats and risks associated with software designs and implementations.

- Integrate Security testing tools and automation into the CI/CD pipeline to ensure security requirements are validated throughout the development process.

- Implement secure software development methodologies (S-SDLC) such as DevSecOps and Agile Security to embed security into the development lifecycle.

- Experience with security testing tools and techniques including DAST, penetration testing and Fuzz testing.

- In-depth knowledge of security technologies, including Firewalls, IDS/IPS, SIEM, DLP, Encryption, DMZ, Bastion Hosts and IAM solutions.

- Define and document security requirements, specifications, and architecture diagrams for new projects and system enhancements.

- Mentor junior penetration testers and provide training on penetration testing methodologies and tools.

- Hands-on experience with Code review tools, (like Checkmarx, Fortify, SonarQube) and static analysis scanners to identify security weaknesses in code.

Qualification:

- Any post-graduate with Information Technology or Security with good communication skills

- Overall IT experience of 12 to 15 years, with a minimum of 10 years in IT Security, Audit, or Compliance roles.

- Certifications like CISSP, (CSSLP) Certified Secure Software Lifecycle professional or OSCP.