Job Description

Responsibilities Prepare, publish, and institutionalize security best practices and guidelines across products. Ensure adoption and compliance. Review product security requirements and security design documentation . Participate in reviews throughout the product development cycle. Provide solutions for vulnerabilities and ensure reusable solutions are available across products. Work with Product Security Champions to mitigate or document vulnerabilities and obtain exceptional approvals if necessary. Conduct threat modeling design reviews and signoffs. Help mitigate WAF blockers during UAT/Production phases and work with Product Security Champions for product fixes. Maintain product-wise scanning status reports and conduct periodic audits on security processes followed by product development teams. Evaluate tools, technologies, and processes needed for secure product development as part of DevSecOps. Continuously improve product security and processes. Review third-party products and work with the Externally Obtainable Product (EOP) review team for approvals. Provide training and coaching on best practices, WAF analysis, and threat modeling to Product Security Champions Knowledge, Skills and Abilities 10-18 years of hands-on experience as a Software Architect with .Net , RDBMS and full stack application design and development. Good knowledge of OWASP and other industry standards. Extensive experience working as Product Security Architect with software engineering experience Good knowledge of cloud security architecture, design , Cloud-Native Security, Cloud Security Posture Management , Data Security in the Cloud (Advanced Concepts),Zero Trust Architecture in the Cloud,Multi-Cloud and Hybrid Cloud Security,Security for AI/ML in the Cloud Good knowledge of OS, network security, firewalls, routers, IDS/IPS, data encryption, and related tools/technologies. Build application security architecture for products/services developed using containers. Knowledge of containers, network isolation, secure engineering practices, and identity and access management is preferred. Experience using tools such as Veracode, Acunetix, Sonarqube and others. Provide solutions for managing these DAST, SAST and Pen Test vulnerabilities. Experience with Azure Cloud and Azure DevOps, CI/CD integrations Understanding and Implementing the Security Shift Left Concept Job Requirements Bachelor s Degree in computer science, Information Science, Software Engineering, or related discipline, or equivalent work experience. Minimum of 10+ years of software development experience and 5+ years of experience as Software Architect with deep knowledge on Product Security Preferred to have Industry industry-recognized Security certification such as CCSP, CASP etc. Preferred to have any industry certification on Security Preferred to have healthcare industry experience