Job summary
Cognizant Corporate Security a key organization within Cognizant Technology Solutions chartered with managing and directing the global enterprise physical and IT security programs. The Corporate Security organization is responsible for the oversight and coordination of security efforts across the company including information technology human resources communications legal facilities management and various other groups and is responsible for identifying security initiatives and standards.
Responsibilities
A bachelor degree in computer science Cybersecurity or a related field.
Prior security architecture experience for 6-9 years or security engineering experience for 10-12 years with at least 5 distinct security technologies (e.g. Identity Firewalls Logging Alerting Encryption Data-Loss Prevention).
Experience (1-3 years) leading a team of security architects or engineers to tackle complex problems and in creating validation requirements for security architecture usage.
Prior experience mentoring business and other security professionals in security architecture concepts and designs.
Ability to develop and maintain security architecture artifacts (models templates standards and procedures) that can be used to leverage security capabilities in projects and operations.
Experience in created baseline security configuration standards for operating systems (e.g. OS hardening) network segmentation and identity and access management (IAM).
Prior experience in participating in application and infrastructure projects in an advisory role to provide security-planning advice.
Strong understanding of security frameworks (e.g. NIST ISO 27001) and compliance requirements (e.g. GDPR HIPAA).
Knowledge of security technologies such as firewalls VPN data loss prevention IDS/IPS web-proxy and security audits.
Understanding of the current security concepts methods and protocols.
Familiarity with web-based technologies (Web applications Web Services Service-Oriented Architectures) and network/web related protocols.
A good team player with the ability to communicate well with various stakeholders
Ability to explain technical risk issues and simplify them for common IT business leaders and upper management.
Ability to identify gaps in security controls and provide guidance based on residual risk analysis on needed controls to achieve compliance and follow secure design principles and the CIA triad.
Strong willingness to learn and apply
Certifications Required
SC-900 CCSP CISSP CISM AND OTHER RELEVANT INFORMATION SECURITY INDUSTRY RECOGNIZED CERTIFICATION DESIRED.
Read Full Description