Job Information
HP Inc. Security Architect in Pune, India
Job Summary
- This role is responsible for secure architecture review of software solutions developed in the organization to ensure applications meet the necessary security requirements. The role is responsible for overall security objectives of the organization but mainly focusing on security architecture review of applications, creating final reports, follow standard operating procedures, educate developers on security issues with the help of frameworks and tools. The role works closely with cross-functional teams to understand requirements, provide technical insights, and ensure the successful security assessment of projects.
Responsibilities
Does Security review of portions of web application or entire application, API, thick client applications according to standard methodologies with appropriate tools while maintaining the delivery timelines.
Creates feature specific review checklist if required based on the business logic of the feature and review them against security requirements.
Identifies opportunities for improvements in processes used by security team and development teams for security evaluation purposes.
Keeps up to date with latest security issues and apply them in the current methodology wherever applicable.
Participates as a part of the team to deliver on high quality security related initiatives for the organization and team.
Collaborates and communicates with stakeholders regarding security issues, their status, project progress, and issue resolution.
Understanding of global security and regulatory compliances at application level e.g. GDPR like Data privacy laws.
Engages and promote security culture and security team to expand the portfolio.
Builds strong working relationships and quickly establishes credibility across an organization.
Education & Experience Recommended
Four-year or Graduate Degree in Computer Science, Information Systems, or any other related discipline or commensurate work experience or demonstrated competence.
Typically has 10+ years of work experience in IT security. Experience in cloud application development would be a plus.
Preferred Certifications
- CISM/CISSP or equivalent (Not required but good to have)
Knowledge & Skills
Threat Modeling of Cloud Applications.
STRIDE/DREAD/P.A.S.T.A etc. threat modeling methodology.
Security assessment
Security design and Implementation in Cloud Services
SSDLC in Modern App Development
Agile Development process
Amazon Web Services
CI/CD Pipeline understanding.
Risks, vulnerabilities and related remediation's
Cryptography
Authentication
Authorization
Microsoft Threat Modeling tool
Compliance Requirements
Data Privacy Laws
SonarQube or Veracode or equivalent tool
Microservices
Java/Golang (Programming Language)
Cross-Org Skills
Effective Communication
Proactive
Leadership
Collaborative
Team player
Impact & Scope
- Impacts immediate team and acts as an informed team member by providing analysis based on available information.
Complexity
- Responds to routine and ad-hoc requirements within established guidelines.
Disclaimer
- This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.
Equal Opportunity Employer (EEO):
HP, Inc. provides equal employment opportunity to all employees and prospective employees, without regard to race, color, religion, sex, national origin, ancestry, citizenship, sexual orientation, age, disability, or status as a protected veteran, marital status, familial status, physical or mental disability, medical condition, pregnancy, genetic predisposition or carrier status, uniformed service status, political affiliation or any other characteristic protected by applicable national, federal, state, and local law(s).
HP Inc.
- HP Inc. Jobs