- Entry level
- No Education
- Salary to negotiate
Application Security Architect
What you'll be doing:
Our strength to build on our ability to work together. Our diverse backgrounds offer different perspectives and new ways of thinking. It supports lively discussions, inspires thought leadership, and helps us build better solutions for our clients. We want someone who thrives in this setting and can support to craft relevant solutions through true collaboration.
If you’re comfortable with ambiguity, excited by change, and excel through autonomy, we’d love to hear from you.
About Corporate Security
Cognizant Corporate Security, a key organization within Cognizant Technology Solutions, is chartered with managing and directing the global enterprise physical and logical security programs. The Corporate Security organization is responsible for the oversight and coordination of security efforts across the company, including information technology, human resources, communications, legal, facilities management and various other groups, and is responsible for identifying security initiatives and standards. Corporate Security drives security compliance and serves as the key organization responsible with helping the business appropriately lead security risks.
Cognizant is searching for a multifaceted information security professional, Application Security Architect, and domain authority who can lead information security initiatives as they relate to the architecture and engineering of enterprise security solutions, systems, and applications in the Cognizant Healthcare division. The role will report into the Director, Application Security.
This role will require leading Application Security efforts to applying the Cognizant Secure SDLC to the Healthcare product suite. This will include day-to-day collaboration with Product teams ensuring that these teams adhere to Cognizant’s corporate information security architecture, policies, procedures, baselines and guidelines. This will also include hands-on review of application architecture/design for ensuring security is baked into each product from the start.
The applicant possess the following:
7-10 years of Application development, security or testing experience in large scale environments, experience working with geographically separated and remote development teams is a plus.
5-7 years of Application security and secure coding experience including but not limited to the OWASP Top 10 and SANS / CWE Top 25 coding standards. Experience with Java and .NET is helpful as well.
Previous experience with securing applications in Cloud environments (Microsoft Azure preferred).
5-7 years of progressive information security experience across various information security / information technology risk management domains such as but not limited to: application security, infrastructure security, identity and access management, third party risk, vulnerability and cyber threat management, security architecture, etc.
Solid ability to work with leadership and hands-on in applying a Secure SDLC program with existing product groups.
Previous knowledge and expertise in designing and architecting information technology and security controls across complex and diverse applications and infrastructures.
Technical capability and critical thinking skills while having the ability to think creatively, demonstrated ability to solve complex information security problems, ability to observe security risks and weaknesses and provide security recommendations to respective product and delivery teams.
Ability to translate technical risk issues and distill such issues to common IT business leaders and upper management.
Ability to build complex information security designs geared at secure design principles and the CIA triad.
Ability to design and incorporate security designs in new, legacy, and in-progress environments undergoing general IT transitions / upgrades.
Work with program managers to develop project plans, estimation documents, specifications, diagrams, and flowcharts.
Ability to think strategically, strong attention to detail and organization skills.
Understanding of information risk management frameworks, regulations, data protection guidelines and standards.
Experience authoring reports, data flow diagrams, and Visio drawings for security systems and networks required.
Bachelor’s Degree in Computer Science, Engineering or related field required or equivalent experience.
CSSLP or CISSP,
About the company
Cognizant (NASDAQ: CTSH) is a leading provider of information technology, consulting, and business process outsourcing services, dedicated to helping the world's leading companies build stronger businesses. Headquartered in Teaneck, New Jersey (U.S.), Cognizant combines a passion for client satisfaction, technology innovation, deep industry and business process expertise, and a global, collaborative workforce that embodies the future of work. With over 100 development and delivery centers worldwide and approximately 221,700 employees as of December 31, 2015, Cognizant is a member of the NASDAQ-100, the S&P 500, the Forbes Global 2000, and the Fortune 500 and is ranked among the top performing and fastest growing companies in the world. Visit us online at www.cognizant.com or follow us on Twitter: Cognizant.