Manager - Mobile Security Architecture

Pylon Management consulting
  • Gurgaon
  • Confidential
  • 10-12 years
  • Views
  • 11 Apr 2018

  • Others

  • Consumer Durables/ Semi Durables
Job Description

The mobile security architect will work on ORGANISATION mobile projects on a global scale. Projects will cover a broad scope of technologies used within ORGANISATION . The Mobile Security Architect is responsible for providing security architecture, secure coding and design guidance to product development teams across ORGANISATION mobile projects and work towards enhancing the software security expertise of application development. The Mobile Security Architect needs to be experienced, creative, with extensive background in the mobile eco system and cyber security risk factors and how best can they be mitigated. The architect plays an essential role in developing secure architecture for mobile applications, strategies and designs to enable successful development and deployment of applications as part of the Mobile Application Center of Excellence (MACoE).  The architect would need to be knowledgeable about mobile architecture and development, and work with our IT partners to architect solutions effectively. Self-motivation and partnering with other staff as needed is expected as given. Internal Job Description If you are interested in applying for this position you must inform your current line manager of your interest and intent to apply. Job Responsibilities Create and maintain the Information Security aspects in the Mobile Application Reference Architecture and Playbook, in alignment with the Enterprise Architecture framework Support creating and maintaining a Mobile Application Service Roadmap aligned to the various Service Owners within ORGANISATION who provide dependent services within ORGANISATION s mobile application development stack Serve as an SME in a range of areas, including secure software development, application security, data protection, network and cloud security, identity and access management (including MultiFactor Authentication), device entitlement, cryptography and key management. Collaborate and work closely with the Information Security team in identifying, understanding and adapting the security policies and software security standards to FSE's development lifecycle and software stack. Work with various stakeholders in designing and architecting secure cloud based applications and offerings. Promote and support the use of code testing tools by development teams where applicable Engage in the initial requirements definition and product planning phase with various key stakeholders for understanding complex business needs and project scopes, with a focus on information security requirements. Work with product development team and quality assurance teams through various phases of SDLC to continuously improve the security posture of products. Take part in the review process for 3rd party mobile products, packages and services before they are accepted into the organisation Analyze various products and perform threat modeling, code reviews, and security architecture and design reviews. Implement and manage the development of common security modules and libraries that can be reused across various products and solutions. Organize and manage static and dynamic application security testing and assist developers in remediating vulnerability findings by providing line-by-line coding guidance. Monitoring industry security updates, technologies and best practices to improve security practices within ORGANISATION . Basic Job Requirements Education/Experience B.A./B.S. information technology, information security, computer science, or a related field Minimum of 3 years of information security experience, with a strong background in Enterprise Mobility and/or Security architecture, IT infrastructure, network security, security applications and technologies preferred, but will consider applicants who demonstrate sufficient level of knowledge and experience In-depth experience with Internet protocols vulnerabilities, intrusion detection systems, firewall management, network vulnerability analysis, cryptographic theory and practice, incident analysis and response, software testing and security assessment, malicious code and software exploitation techniques, continuous monitoring and event logging, counterterrorism cyber-crimes, computer forensics analysis and computer crime investigation. Strong knowledge of software development and deployment methodologies in web, mobile, and cloud based environments. Knowledge of software security frameworks, practices, standards, and guidelines (OWASP, SANS, NIST, etc.) Strong knowledge of software and application security architecture (web and mobile) and a solid understanding of secure SDLC processes (Touchpoints, SDL, and/or CLASP) Advanced understanding of Data Security, Network Security, Infrastructure Security, and Risk management Knowledge of various cloud platforms (AWS, Azure, etc.) and common industry standard cloud security mechanisms (OAuth, OpenID, SAML, API Security, etc.) Advanced understanding of security best practices for AWS/Azure and recommendations aligned to frameworks from Cloud Security Alliance, ISO and NIST Good understanding of architectural frameworks (BOST, TOGAF, Zachman, SABSA, OSA) Knowledge of different open source and vendor specific security solutions Knowledge of current trends, threat landscape and emerging security technologies CISSP, CSSLP, GWEB, GWAPT, and one of CCSK or CCSP preferred. Cloud security and/or architecture related certifications desirable AWS Certified Solutions Architect or Certified DevOps Engineer. Strong verbal and written communication skills (English) Key Competencies Problem solving, analytical skills and decision making Able to effectively handle difficult and stressful situations with poise, tact and patience, while demonstrating a sense of urgency Able to anticipate, identify, and solve critical problems proactively Able to identify long lead time elements of work and plan accordingly Able to make decisions with an extremely strong business sense Flexible, self-motivated, and proactive out-of-the-box and critical thinker Ability to integrate experts in a project team Excellent customer service orientation Displays tact, patience and the ability to handle stressful situations Ability to communicate effectively (oral & written) Ability to develop process documentations, technical manuals and instructions Attention to detail, well organized, and able to set priorities Ability to respect all ORGANISATION information as personal and confidential Reliable and cooperative team player; displays consideration and respect for others Ability to develop and articulate technical concepts for general use Additional Information Please Note: This position will be located in Bangalore Must be able to perform successfully in a fast-paced, intellectually intense, service-oriented environment and to interpret rules and guidelines flexibly to enhance the business and in keeping with ORGANISATION s values and culture. Experience working successfully within a complex matrix structured organization is essential. Occasional travel to our worldwide ORGANISATION offices will be required


Job Posted By

About Organisation

Pylon Management consulting