AVP Security - Software Development

PeopleStrong HR Services Pvt. Ltd.
  • Delhi
  • Confidential
  • 10-16 years
  • 30 Jul 2015

  • Project/ Program Management IT

  • IT/ Technology - Security
Job Description

Key Responsibilities:

Strategy Design and Implementation
Provide inputs to the overall strategy pertinent to security, application development; Ensure implementation of the strategy
Ensure adherence to the departmental budget Technical Need Analysis
Collaborate with Head, Software Dev. for Common Portal & others to articulate the requirements from enterprise security applications and provide inputs in creation of a functional specification document
Provide inputs for bid-process management for selection of consultants/ vendors for designing the Enterprise Security Applications & Database Target Architecture including inputs for design of RFPs, evaluation of vendors etc
Collaborate with the finalized vendor to articulate the requirements of the User Agencies (UAs) and maturity of IT architecture of Providing Organizations (POs) and design the Enterprise Security Applications & Database Target Architecture to ensure alignment with same
Provide inputs to R&D team on Best Practices, methods and emerging technologies in the related domain; Support in evaluating their applicability and feasibility for implementation
Assist in identifying critical architectural & infrastructure gaps in the security of the Information Technology environment and support in recommending solutions to solve potential problems and security issues
Design of Security Architecture
Support in designing the Enterprise Applications & Database Security Architecture including design of the Integration & Deployment Architectures for Security in Applications and Systems & Service Management systems
Assist in timely up-gradation of Information security norms to keep pace with the Technological changes and ensure that all future applications are secured against growing Security threats
Liaison with the Information Security function to identify and define the Information Security Policies, Processes and Guidelines and support in ensuring adherence to the same
Resolve the potential implications and conflicts between the Security architecture, with any constraints imposed by the application (logical/physical) design to the architecture; evaluate viable alternative approaches and recommendations in coordination with the consultant/ vendor
Identify and build improvements in the existing/future architecture based on changing needs of the organization, challenges faced in current implementation, technological changes at Providing Organizations end or changing needs of the User Agencies (UAs) Architecture Development
Provide inputs for bid-process management for selection of vendors for implementation of Enterprise Applications & Database Security Architecture, including inputs for design of RFPs, evaluation of vendors etc
Communicate the architecture blueprint to the finalized vendor in order to undertake development in line with the envisaged plan; Support in the evaluation and selection of Software Security product standards and design of standard configurations to ensure a highly secure IT environment
Monitor the activities of System Integrators to ensure that Enterprise Applications & Database Security Architecture development & implementation is as per the defined guidelines of cost, quality and time
Ensure testing of the robustness of Security Infrastructure to identify vulnerabilities both internally and externally
Ensure all dependencies, priorities and risks are managed across the project; Keep a track of the project budget and investigate reasons for deviations, if any
Provide inputs on the performance evaluation of contracted SIs/ Consultants
Ensure removal of bottlenecks and hurdles for the smooth advancement of activities
Ensure complete knowledge transfer from various Consultants/SIs
Ensure resolution of technical issues/ queries of the SIs
Provide technical guidance to the O&M team for upkeep & maintenance of the Enterprise Applications & Database Security Architecture

Candidate Profile

B.Tech (IT)/ BE degree in IT / MCA while M.Tech/ MBA is desirable with 10- 14 years of experience working with top IT companies in software development and maintenance
6- 8 years of CISSP or equivalent experience out of which minimum 4 years in software application architecture, Application security testing, vulnerability assessment, counter measures and related areas
Expert knowledge and demonstrated experience in software throughout the software development lifecycle
Experience in the areas of information security solutions such as firewalls, identity and access control, IPS/IDS and host based solutions, cryptography solutions, CAs, key management systems, URL filtering, e-mail security, and end-point protection solutions such as antimalware/firewalls
Experience in managing the complex IT project that involves packaged application implementation coupled with custom application development
Knowledge of UNIX, AIX, Linux, Cisco Network IDS, Cisco Host-based IDS, eTrust Access Control, ESM, and IDS. DES encryption, Digital Certificates, SSL, VPN, IPSec, TCP/IP, DNS and web security architecture, mySQL, subversion, Spam Assassin/other spam tools
Experience in responding and assisting for assisting in the coordination effort to remediate security alerts and respond to information security related incidents
Experience in using industry standards, technology standards and architecture frameworks in building the architecture blueprints and their implementation
Experience in adopting the structured implementation based on proven methodologies & models
Experience in tracking the project/program risk identification, mitigation in a structured way

Job Posted By