Security Expert

Permanent
Noida
Posted 1 day ago

About Client: Our client is a global technology leader that develops networked visualization solutions for the entertainment, enterprise and healthcare markets. In order to further grow its Core Business and Research & Development Division in India, they are looking for talent who specializes in Security Expert.

Responsibilities:

  • Advice and guide product security strategy (“security by design”) together with product security architect and security office
  • Execute and guide threat modeling exercises and security risk analyses during design/development phases
  • Design and document technical security controls in different product lines ranging from embedded to cloud deployments
  • Challenge R&D teams and system architects about the why and how technical security controls should be integrated
  • Guarantee compliance with privacy regulations from product development perspective in cooperation with product security architect and data protection officer
  • Monitor and improve security controls in the design and development phases:
    • Security baseline
    • Code review process
    • Vulnerability management (e.g. of open source packages)
    • Vulnerability scanning (tooling and configuration)
    • Application security testing
  • Follow up incident response management and vulnerability disclosure processes
  • Follow up ISO 27001 ISMS/audit for all product development related subjects
  • Create security whitepapers of the different product lines
  • Stay up-to-date with latest security/privacy technologies, trends and regulations and translate impact to the business stakeholders

Qualification:

  • Master degree in IT or information security, or equivalent by experience
  • At least 5 years of experience in information security management, preferably also from development perspective (defensive side)
  • Solid understanding of security protocols, cryptography, authentication, authorization and best practices
  • Broad technical knowledge: from embedded devices to cloud deployed services
  • Familiar with OWASP project (Top 10, ASVS, SAMM, …)
  • Coding skills: C, C++, javascript
  • Preferably holder of certifications like GIAC, CISSP, CISM, …
  • Experience with agile development process across international teams
  • Well respected and influential, able to emphasize methodology, modeling, and governance, technologically neutral, persuasive, and enthusiastic
  • Good verbal, written, presentation, facilitation, and interaction skills, including ability to effectively communicate risks, issues and concepts to multiple organization levels and executive management
  • Customer centric mindset
  • Fluent in both spoken and written English

Job Features

Job CategoryIT

Apply Online

A valid email address is required.
A valid phone number is required.