Description

Application Security Architect

Corporate Security

Location: Remote, any location in the US

Summary:

This role will interact with Cognizant internal business/technology groups to ensure Cognizant Security Requirements are met for any customer facing products/services/platform. Provide guidance to business and development groups to ensure appropriate Security Architecture is designed into all Cognizant products. Foster better security posture closely aligned with Cognizant Security Policy and Standards. Facilitate and encourage integration with Cognizant Security processes and automation.

Role & Responsibilities

Review designs to find deficiencies in security. Advise and educate development groups on best practices and why it is necessary. Identify any gaps with the security policies/standards in an operational on going way. Provide guidance on remediation plan, possible solutions and compensating controls to appropriately manage risk in a way that is consistent with Cognizant's risk tolerance. Foster better security culture through encouraging teams to be onboarded into an common development pipeline or CI/CD. Act as Security SME for the assigned development teams to lead the ongoing efforts to secure the platform/application. Assist and facilitate ongoing TVM efforts with the assigned groups to keep track of their status and progress with all vulnerabilities, but especially any zero-day vulnerabilities that are identified then prioritized. Conduct any other work to facilitate and assist in better security overall for cognizant. Assist in any client queries as a SME. Identify and participate in other security initiatives that is aligned with your interests and knowledge.

Primary skills: Information/Cyber Security

Required Skills: Prefer one of the following or similar: CISSP, CISM, well recognized Application Security Testing certifications, regulatory requirements, threat vulnerability management.

Occasional travel (once/twice a year)

Qualifications

Technical Skills

SNo Primary Skill Proficiency Level * Rqrd./Dsrd. 1 Platform Security PL1 Desired

* Proficiency Legends

Proficiency Level Generic Reference PL1 The associate has basic awareness and comprehension of the skill and is in the process of acquiring this skill through various channels. PL2 The associate possesses working knowledge of the skill, and can actively and independently apply this skill in engagements and projects. PL3 The associate has comprehensive, in-depth and specialized knowledge of the skill. She / he has extensively demonstrated successful application of the skill in engagements or projects. PL4 The associate can function as a subject matter expert for this skill. The associate is capable of analyzing, evaluating and synthesizing solutions using the skill.