Cognizant
Senior Manager – Security Architect
Cognizant, Columbia, South Carolina, United States,
Job SummaryCognizant Corporate Security is a key organization within Cognizant Technology Solutions, chartered with managing and directing the global enterprise physical and IT security programs. The Corporate Security organization is responsible for the oversight and coordination of security efforts across the company, including information technology, human resources, communications, legal, facilities management, and various other groups. It is responsible for identifying security initiatives and standards.
ResponsibilitiesA bachelor degree in computer science, Cybersecurity or a related field.Prior security architecture experience for 6-9 years or security engineering experience for 10-12 years with at least 5 distinct security technologies (e.g. Identity, Firewalls, Logging, Alerting, Encryption, Data-Loss Prevention).Experience (1-3 years) leading a team of security architects or engineers to tackle complex problems and in creating validation requirements for security architecture usage.Prior experience mentoring business and other security professionals in security architecture concepts and designs.Ability to develop and maintain security architecture artifacts (models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.Experience in creating baseline security configuration standards for operating systems (e.g. OS hardening), network segmentation, and identity and access management (IAM).Prior experience in participating in application and infrastructure projects in an advisory role to provide security-planning advice.Strong understanding of security frameworks (e.g. NIST, ISO 27001) and compliance requirements (e.g. GDPR, HIPAA).Knowledge of security technologies such as firewalls, VPN, data loss prevention, IDS/IPS, web-proxy, and security audits.Understanding of the current security concepts, methods, and protocols.Familiarity with web-based technologies (Web applications, Web Services, Service-Oriented Architectures) and network/web related protocols.A good team player with the ability to communicate well with various stakeholders.Ability to explain technical risk issues and simplify them for common IT business leaders and upper management.Ability to identify gaps in security controls and provide guidance based on residual risk analysis on needed controls to achieve compliance and follow secure design principles and the CIA triad.Strong willingness to learn and apply.
Certifications RequiredSC-900, CCSP, CISSP, CISM, and other relevant information security industry recognized certification desired.
#J-18808-Ljbffr
ResponsibilitiesA bachelor degree in computer science, Cybersecurity or a related field.Prior security architecture experience for 6-9 years or security engineering experience for 10-12 years with at least 5 distinct security technologies (e.g. Identity, Firewalls, Logging, Alerting, Encryption, Data-Loss Prevention).Experience (1-3 years) leading a team of security architects or engineers to tackle complex problems and in creating validation requirements for security architecture usage.Prior experience mentoring business and other security professionals in security architecture concepts and designs.Ability to develop and maintain security architecture artifacts (models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.Experience in creating baseline security configuration standards for operating systems (e.g. OS hardening), network segmentation, and identity and access management (IAM).Prior experience in participating in application and infrastructure projects in an advisory role to provide security-planning advice.Strong understanding of security frameworks (e.g. NIST, ISO 27001) and compliance requirements (e.g. GDPR, HIPAA).Knowledge of security technologies such as firewalls, VPN, data loss prevention, IDS/IPS, web-proxy, and security audits.Understanding of the current security concepts, methods, and protocols.Familiarity with web-based technologies (Web applications, Web Services, Service-Oriented Architectures) and network/web related protocols.A good team player with the ability to communicate well with various stakeholders.Ability to explain technical risk issues and simplify them for common IT business leaders and upper management.Ability to identify gaps in security controls and provide guidance based on residual risk analysis on needed controls to achieve compliance and follow secure design principles and the CIA triad.Strong willingness to learn and apply.
Certifications RequiredSC-900, CCSP, CISSP, CISM, and other relevant information security industry recognized certification desired.
#J-18808-Ljbffr