Job Description
Graduate / Post Graduate in Computer Science / IT security or related fields.
5-7 years of IT experience and minimum 3 years' experience in IT Security.
Demonstrated expertise in the following:
- Developing products and services for customers
- Security architecture and design
- Threat and risk analysis / threat modeling / security risk analysis
- Security vulnerability monitoring / 3rd party software security evaluation
- Security incident handling / security forensic analysis
- Automated security tooling / vulnerability scanning / code analysis
- Fuzz testing / penetration testing
- Secure coding and design guidelines / secure software development lifecycle processes
- HIPAA / HITECH regulations / FDA cybersecurity regulations for medical devices
- Standards: IEC 62443, NIST SP 800-x, IEC 80001, CLSI AUTO11-Ax, ISO 27001, etc.
Certified Information Systems Security Professional (CISSP) or Certified Secure Software Lifecycle Professional (CSSLP) or equivalent demonstrated expertise is beneficial.
Areas of Responsibility:
- Support project teams in conducting the corresponding security activities during the development process, project management process and services and in product and solution release.
- Participate in incident response teams, incident escalation
- Participate in threat and risk analysis workshops
- Provide expertise and support in security tools to product teams
- Conduct product and solution security training and development of training material.
- Develop and maintain security guidelines and guidance for product development teams.
- Collect product & solution security related lessons learned and feed into continuous improvement activities (e.g. update of guidelines, reporting to PSSOs, integration in awareness material).
- Stay up-to-date on the latest security threats/technologies.
- Support the development of the PSS community within the organization, with experience exchange internally and externally.
- Support multiple projects at the same time and should occupy the function for the main part of defined working time.
Contacts (internal/external):
Internal: CYSO, CYSEs within other business units, Product Owner, Project Manager, Development and Test team, Architect, Quality and Risk Management, Business Management.
External: Security Community, External companies (collaboration, standardization), Customer's security representatives
Job Details
- Job Location: Bengaluru India
- Company Industry: Other Business Support Services
- Company Type: Employer (Private Sector)
- Employment Type: Unspecified
- Monthly Salary Range: Unspecified
- Number of Vacancies: Unspecified