The Cloud Security Strategy, Architecture and Governance Architect is a senior role. While hands on architecture skills are required, this role may also have the responsibility of managing other security architects or internal initiatives. Typically, this requires ten to twenty years of Cyber Security experience as well as at least five years managing a small group.

Responsibilities:

·       Work with Corporate Security leadership to create and refine Cognizant cloud security strategy

·       Draft and provide updates for Cognizant cloud security standards and policies

·       Develop, document, and review cloud security architectures in compliance with Cognizant standards

·       Provide guidance, direction and support to teams implementing cloud security architectures

·       Identify gaps in current cloud implementations compared to standards and policies

·       Support, manage, and handle escalations related to security review of cloud implementations

·       Provide guidance on remediation plans, solutions, and compensating controls to manage risk

·       Foster better security through encouraging teams to use automated security tools

·       Act as a cloud security subject matter expert and assist in answering cloud security questions from across Cognizant

·       Identify and participate in other cloud security initiatives for career growth and to grow Corporate Security capabilities

·       Explain practical risks associated with security risks and vulnerabilities to aid the business in decision making

·       Act as a mentor and manage other architects to ensure that processes and risk tolerance are consistent with Cognizant standards and processes

 Required Experience:

·       Minimum of ten years of progressive experience with cyber security technology design, administration, or incident response in large complex environments

·       Experience in two or more of the following: security and risk management, security architecture and engineering, communications and network security, identity and access management, security assessment and testing, security operations, software development security

·       Experience in two or more of the following: cloud concepts, architecture and design, cloud data security, cloud platform and infrastructure security, cloud application security, cloud security operations, cloud legal risk and compliance

·       Knowledge of compliance standards such as Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley Act (SOX), National Institute of Standards and Technology (NIST 800-171), or equivalents

·       Minimum five years demonstrated experience mentoring, training, and developing other IT staff

·       Hands-on experience with at least one of the hyper scale cloud service providers:

o   Microsoft Azure

o   Amazon Web Services (AWS)

o   Google Cloud Platform (GCP)

·       Subject matter expertise in multiple cyber security technologies including:

o   Next-Generation Firewalls (NGFW)

o   Intrusion Detection System/Intrusion Prevention System (IDS/IPS)

o   Network Access Control (NAC)

o   Cloud Access Security Broker (CASB)

o   Security Incident Event Monitoring (SIEM)

o   email and web security

o   data protection

o   credential vaulting

o   certificate management

o   multi-factor authentication

o   cybersecurity automation

o   endpoint protection and response

o   vulnerability scanning and analysis

·       Working knowledge of:

o   Active Directory (AD) and Azure Active Directory (AAD)

o   Microsoft and/or Linux OS

o   Networking

o   Firewalls

o   Identity and Access Management (IAM)

o   Application Security

o   Penetration Testing

o   Incident Response

Employee Status : Full Time Employee

Shift : Day Job

Travel : No