Security Architect

Industry / Sector / Domain

Life Sciences

Location

Pune

Experience Range

10+ years

Company Profile

One of the leading Life Sciences/ Pharma companies in India

Job Profile

  • Conducting security testing (e.g., penetration testing, red teaming) on the actual platform,  including infrastructure and application layer
  • Re-evaluating the actual security by simulating a real cyber attacker, identifying vulnerabilities, and leading to action recommendations on how to close findings 
  • Authoring new or updated policies and procedures for internal partner and stakeholder input.
  • Conducting a technical cloud security configuration/hardening assessment (e.g., to  verify security configuration of AWS account)
  • Providing a hands-on verification of the security of  the actual AWS instance/account and actively improving security by changing configuration in  line with best practices. 
  • Engagement of a third party to perform a security review in line with typical industry standards  (e.g., CIS Critical Security Controls, ISO 27001) 
  • Providing some level of assurance but is limited to the depth of the actual review/certification
  • Preparing and delivering communication and training to educate teams on the evolving compliance landscape and new or updated policies and related changes. 

Candidate Profile

  • 10+ years related work experience in driving cybersecurity, privacy, and risk management  programs in medium to large enterprise organizations. 
  • 4+ years of related experience in the healthcare, diagnostics, and / or pharmaceutical industry,  preferred. 
  • Professional with detailed technical knowledge of techniques and standards for authentication  and authorization, applied cryptography, security vulnerabilities and remediation 
  • Ability to advise on architecture decisions at technical and product level 
  • Adequate knowledge of web related technologies (Web applications, Web Services and Service  Oriented Architectures) and of network/web related protocols, and cloud infrastructure
  • Experience in Agile Development and DevSecOps tooling such as Dynamic Application Security Testing, Static Application Security Testing, Container and application  vulnerability scanning 
  • Understanding the relationship with Product Owner, DevOps and rest of the Security team
  • Excellent knowledge of HIPAA, GDPR, and other privacy relevant legislation and regulations
  • Good understanding of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation 
  • Great interest in all aspects of security and privacy research and development 
  • Excellent verbal and written communication skills in English are a must

Follow us on Linkedin to stay updated on exciting opportunities

Executive Search | Talent Acquisition | Salary Benchmarking | Market Entry Assistance | Interim Management | Talent Intelligence | RPO | Talent Mapping

Happy to Help