Senior Manager, Corporate Security Architect (100% Remote)

Apply for this position Please mention DailyRemote when applying
timePosted 4 days ago location United States salarySalary undisclosed
Before you apply - make sure the job is legit.

Attempting to apply for jobs might take you off this site to a different website not owned by us. Any consequence as a result for attempting to apply for jobs is strictly at your own risk and we assume no liability.

Job Description

Cognizant requires a security individual to work to perform Cyber Security Architecture reviews and Information Risk Assessments. The individual will also be responsible for the Secure Development Life Cycle for solutions developed by the organization. This includes the implementation of and continuous management of the secure testing life cycle including DevOps and CICD integration, Static and Dynamic Application Security Testing as well as penetration testing. This role will provide subject matter expertise, strategic guidance, and security oversight for various initiatives including customer engagements and Cognizant corporate projects. Candidates will have a proven ability to provide guidance on industry best practices, regulatory compliance, and security assurance as it relates to Cognizant Corporate Security Policies, Procedures and Standards. This position will also be responsible working with development staff to review and remediate security testing findings. The SME will evaluate and assess solutions both prior to deployment and on an ongoing basis as part of Cognizant's continuous security management program.

Primary Responsibilities
• Serve as a Cybersecurity resource and SME for a Product and Platform centric organization - ensuring that secure coding practices, security architecture, and governance are integrated with solutions during development while also ensuring that security is designed into actual services from the inception of the project, to production and client delivery
• Day-to-day work with client delivery teams and ensure that they adhere to Cognizant's corporate information security architecture, policies, procedures, baselines and guidelines. This is role requires a mix of technical capabilities as well as the know-how to provide security governance over complex applications and projects while also having the ability to articulate complex security concepts to business personnel and non-security personnel
• Work with the application and solution teams to secure SaaS and on premise applications including assisting in the overall architecture and design of the solution and supporting components
• Engage with resources across governance, compliance, and technical architects during the lifecycle of a project, supporting the sales cycle, to interacting with prospective clients and client teams to usher in, and provide security assurance, guidance, and advisory
• Coordinate security testing of solutions including result analysis and driving of remediation (SAST, DAST, IAST, RASP, VM, and penetration testing)
• Work with infrastructure and development teams to integrate, implement, and maintain security tools in the CICD pipeline leveraging automation to ensure SAST, DAST, etc. are part of the overall model.
• Interface with Digital business leaders, client architecture teams, corporate architecture and governance personnel, as well as the Cognizant Security (CS) teams.
• Ability to translate technical risk issues and distill such issues to common IT business leaders and upper management
• Work with program managers to develop project plans, estimation documents, specifications, diagrams, and flowcharts
• Solid understanding of security vulnerabilities (OWASP, CVE scoring) and experience working with development and product teams to remediate vulnerabilities during development cycles.
• Solid understanding as to how to mitigate risks with common controls such as WAF'S, IDPS's, MPS's, AWL, etc.
• Implement common principles and practices across cloud platforms and provide compliance with industry specific guidelines such as the Security Trust and Assurance Registry from the Cloud Security Alliance. - provided by Dice