Cyber Security Architect

Role: Fulltime permanent

Company: A large product-based MNC

Location: Hyderabad, work from office

Experience: 10+ years

Notice period: Immediate joiners

Job Title: Sr Technical Specialist- Product Cyber Security Architect

Years Of Experience: 10+

Role Overview:

Product Cyber Security Engineer/Architect

On a typical day you will:

• Work with product development teams and carry out functional cyber risk assessments to support their cyber requirements throughout the entire development cycle.

• Develop standard work documents for cyber controls that meet technical requirements (for both systems and components) arising from standards such as IEC 62443
• Coordinate with quality and product development teams to periodically update cyber security design policies and ensure that these policies are incorporated into product design, with requirements for traceability and system validation and verification.
• Interface with global teams and share best practices and lessons learned
• Refine and support the standard work associated with product cyber security incident response management
• Work closely with the product testing teams to validate recommended security controls
• Continually enhance the capabilities of the Cyber security team:
• Identification of technology and methodology gaps
• Participation and leading technical and industry committees
• Creation of discipline health score card.
• Work in an environment of continuous improvement and lean process and product development.
• Stay updated on latest cyber security hacking news, technologies and methodologies including:
• The latest attack methodologies include penetration testing and red-team methodologies.
• Latest forensic and incident response methodologies.
• Attend security or hacker conferences and stay on the cutting edge

What You Will Need to be Successful:

• Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline

• 10+ years of product cyber security engineering and software systems development experience; at least 2 years hands-on experience with penetration testing methodologies and tools.

• In depth knowledge of IEC 62443 and related cybersecurity standards.

• In-depth knowledge of requirements captures, cyber security threat modeling and systematic discovery of threats, as part of Secure Development Lifecycle, with broad understanding of potential vulnerabilities at different layers of hierarchical systems

• Cyber security certifications such as OSCP, GSEC, CEH

• Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools

• Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams.

• (Preferred) Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems
• (Preferred) Intimate knowledge and experience with incident response management and risk assessment