The Job logo

What

Where

Lead Cyber Security Architect/Engineer

ApplyJoin for More Updates

You must Sign In before continuing to the company website to apply.

Smart SummaryPowered by Roshi
Join our growing Product Security team as a Lead Cloud Application Security Architect for Forge Performance Plus product. Your responsibilities will include conducting design reviews, driving secure product development, influencing decision-makers, providing product security assessment reports, and mentoring team members. You must have a Bachelor’s degree and 8+ years of experience in application security architecture for any public cloud. We value a strong software development background, knowledge of secure software development lifecycle, and certifications in secure software lifecycle or cloud security. This is a great opportunity to work with cutting-edge cloud technologies and drive security best practices in our products.

In the role of Lead Cloud Application Security Architect for Forge Performance Plus product, you will join a growing Product Security team providing expertise in secure software, requirements, and architecture throughout all phases of the product lifecycle. The Lead Cloud Application Security Architect will report to the Senior Cyber Manager and will drive security baselines, processes, solutions, and risk reduction across a growing line of core product areas; providing mentorship to team members.

 

KEY RESPONSIBILITIES

·       Conduct design review of the core platforms in building the best and most secure Honeywell products in Azure Cloud

·       Drive secure product development using existing standards and practices, staying abreast of emerging threats, security practices, and technologies in the cloud

·       Influence decision-makers and stakeholders, improve secure coding practices, security requirements, and design

·       Regularly participate in PI Planning and Scrum Meetings to ensure that security is at the forefront of development and product management mind

·       Provide product security assessment reports to the Senior Management, Development Managers and Product Managers on a regular basis

·       Define and continuously improve Honeywell Secure SDLC process by simplifying and automating to match delivery speed of development teams

·       Drive secure engagement and architecture including threat modeling, vulnerability and risk assessment, analysis of findings from penetration tests, and tools (e.g., SAST, SCA, Container vulnerability scans)

·       Drive incident response investigation, ensure coordination for remediation plan and execution

·       Scope and drive security testing of products, perform results assessments, and assist in remediation strategies with engineering

·       Mentor and coach engineering and security architects in secure SDLC practices, train and engage security advocates

 

YOU MUST HAVE

·       Bachelor’s degree

·       8+ years of experience of application security architecture for any public cloud such as AWS, Azure, GCP

·       5+ years of programming experience

 

WE VALUE

·       Experience in architecting enterprise class high-volume high-performance software products

·       Secure software development lifecycle (SSDLC) experience

·       Rich software development background

·       Certifications in Secure Software Lifecycle or Cloud Security demonstrating deep practical knowledge, such as CSSLP or CCSP

·       Azure, AWS or GCP Security or Solutions Architecture Certifications

·       Understanding of the challenges operating trusted infrastructure in public cloud environments, as well as on-premises.

·       Ability to drive security concepts and practices into development teams, as well as communicate security risks, threats, and mitigation strategies

·       Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project partners

·       Understanding of Agile software development practices

·       In-depth knowledge and understanding of OWASP Top 10 and CWE Top 25 with experience in assessment and providing remediation strategies

·       Experiences with DevOps (CI/CD) & SDLC

·       Master’s degree

·       Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project partners

·       Passion for achieving results and continual self-improvement

Additional Information
  • JOB ID: HRD212750
  • Category: Engineering
  • Location: HW Camp II,Bldgs 9A&9B,Plot C2,RMZ Ecoworld,Varturhobli,Sarjapur Marathahalli Outer Ring Road,Bangalore,KARNATAKA,560103,India
  • Exempt
Set alert for similar jobsLead Cyber Security Architect/Engineer role in Bengaluru, India
Honeywell Logo

Company

Honeywell

Job Posted

a year ago

Job Type

Full-time

WorkMode

On-site

Experience Level

8-12 Years

Category

Engineering

Locations

Bengaluru, Karnataka, India

Qualification

Bachelor

Applicants

Be an early applicant

Related Jobs

Wipro Logo

Cyber Security Architect

Wipro

Bengaluru, Karnataka, India

Posted: a year ago

Job Description Position: SOC Lead (Security Operations Center Lead) Job Summary: The SOC Lead is a seasoned cybersecurity professional responsible for overseeing the daily operations of the Security Operations Center. This role involves managing a team of analysts, coordinating incident response efforts, ensuring the effectiveness of security tools and processes, and providing strategic guidance to enhance the organization's overall security posture. The SOC Lead collaborates with various stakeholders to develop and execute strategies that protect the organization's critical assets from cyber threats. Responsibilities: Lead and manage a team of SOC analysts, including hiring, training, performance evaluation, and career development. Oversee the day-to-day activities of the SOC, including incident monitoring, analysis, and response. Coordinate and drive incident response efforts for complex and high-impact security incidents. Develop and maintain SOC policies, procedures, and playbooks to ensure consistent and effective incident response. Must be able to manage the shifts/On-Call assignments for the management of the operations. Must be able to run and execute cyber Crisis simulation and table-top exercises for training of the team. Logically designing SOAR playbooks and helping the team manage the automation for Incident monitoring and response. Collaborate with IT, Legal, Compliance, and other departments to ensure alignment with security goals and regulatory requirements. Assess the effectiveness of security tools and technologies and recommend improvements or upgrades as needed. Provide strategic guidance and recommendations to senior management regarding security enhancements, threat landscape, and risk mitigation strategies. Stay up to date with emerging cybersecurity trends, threat intelligence, and best practices. Prepare and present regular reports on SOC activities, incident trends, and key performance indicators. Contribute to the development and maintenance of the organization's incident response and business continuity plans. Collaborate with internal teams and provide evidence for external/internal audits for risk governance and management. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). Extensive experience working in a Security Operations Center environment, with progressively increasing responsibilities. Strong leadership and management skills, with a proven track record of leading and motivating teams. In-depth knowledge of cybersecurity technologies, tools, and best practices. Experience with incident response methodologies, crisis management, and handling high-stress situations. Excellent communication and interpersonal skills, with the ability to interact effectively with technical and non-technical stakeholders. Must have a hands-on experience of at least 4 years on EDR, NDR, SOAR, CSPM, CASB, IDS/IPS, and SIEM platforms. Relevant industry certifications such as SANS, CISSP, CISM, CISA, or equivalent are highly desirable. Ability to think strategically, analyze complex situations, and make informed decisions. Experience working with audit and regulatory compliance frameworks (e.g., GDPR, HIPAA, PCI DSS) is a plus. Demonstrated ability to drive process improvements and adapt to changing threat landscapes.

GE (General Electric) Logo

Staff Cyber Security Architect

GE (General Electric)

Bengaluru, Karnataka, India

Posted: a year ago

Job Description Essential Responsibilities:   Define strategy and technology roadmap for the Cloud and Customer Solutions Cyber Security Programs Provide hands-on technical capability and embed with the CDO Cloud Architecture Team to deliver high value outcomes to the business Be responsible for identifying IT solutions, build a cybersecurity design and assessment framework, implementing the framework, leading the assessments and evaluations of existing solutions, and leading the remediation of cyber security risks or vulnerabilities Document secure architecture and design strategies and roadmaps for cloud and customer solutions Ensure cyber security risks and vulnerabilities are logged, analyzed and vetted for accuracy within SLAs Create and configure required cyber capabilities within the GE Digital Cloud Environment. Identify and deliver appropriate metrics to drive cloud and customer security solutions reporting framework based on business risk Collaborate with other GE Business Units to benchmark Cloud and Customer Solutions Cyber Security capabilities and processes Lead strategic projects and initiatives with broad scope and high impact to the business and be a recognized expert in security architecture and design Lead the implementation of cloud and customer solutions cyber security standards and policies to protect GE Transportation's information and business operations Lead the assessment of cloud and 3rd party hosted environments Continually evaluate new threats, solutions and the impact on IT and Business operations and balancing these needs to develop and implement the best security solutions for the business Represent GE Digital interests on GE-wide cloud and customer solutions cyber security initiatives   Basic Qualifications: Bachelor's Degree in Computer Science or STEM” Majors (Science, Technology, Engineering and Math) with minimum 6years of experience.    

Baker Hughes Logo

Senior Cyber Security GRC Architect

Baker Hughes

Cochin, Kerala, India

Posted: a year ago

As a Senior Cyber Security Architect, you'll support Baker Hughes Governance, Risk, and Compliance (GRC) architecture team with security architecture reviews associated with projects and initiatives. As a member of the GRC architecture team, the individual will collaborate with technical and project teams across the organization to support technical architecture governance.   As a Cyber Security Architect - Cloud, you will be responsible for: Leading/participating in cyber security architecture reviews. Serve as architecture/design subject matter expert for design reviews, issues management, and exceptions. Leading/participating in risk assessment and data classification activities. Lead/participate in firewall rule reviews and compliance activities. Ensuring cyber security architecture risks are identified, analyzed, prioritized, and documented. Lead/participate strategic projects and initiatives with broad scope and high impact to the business and be a recognized expert in security architecture and design. Identifying risks across network infrastructure that would lead to the exposure of sensitive data, unauthorized access, or loss of availability and prioritize remediation efforts to address gaps. Working with customers, vendors, and project managers on understanding business requirements and translating those into technical requirements. Fuel your passion   To be successful in this role you will:   Have a Bachelors degree in Computer Science, Information Systems, or other related STEM Majors (Science, Technology, Engineering, and Math) field . Have minimum 10 years of professional experience with In-depth understanding of networking technologies, including TCP/IP, networking, routing protocols, subnetting, switching, LAN, WAN, Load-Balancing, SD-WAN, DHCP, DNS, OT/IoT, etc. Have In-depth understanding of security technologies, including VPN, IPSec, WAF, PKI, SSH, SSL/TLS, IAM, SSO, basic/modern auth, MFA, etc. Have In-depth understanding of next-generation firewalls such as Palo Alto and associated capabilities, including Panorama, Threat, URL Filtering, Global Protect, App-ID. Have In-depth understanding of cloud technologies & associated architectures, including AWS, Azure, OCI, GCP, etc. Have In-depth understanding of operating systems including Windows, Linux, Unix, & MacOS. Understanding of firewall policy/compliance management platforms such as Algosec, Tufin, FireMon, etc. Have Understanding of technologies, architectures, and protocols used in oilfield services and Natural Gas/LNG/Turbo Machinery sectors.