Principal Security Architect, Infrastructure

Description

Job Location

Hyderabad (SAL) IN

Job Posting Title

Principal Security Architect, Infrastructure

The Challenge

The Principle Security Architect, Infrastructure plays an integral role in defining and assessing the organization's security strategy, architecture and practices. You will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services. You’ll use your leadership skills to give guidance, best practice advice and support across all our business and technology groups. You’ll participate with incident response, risk reviews, and vulnerability assessments, identifying threats, which will lead to driving and selecting cost-effective solutions. Deploy best practices, new policies, and emerging trends to strengthen our strategic roadmap. Keep executives, directors, management, and stakeholders in the loop as well as managing budgets.

What you will Do

• Develop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations • Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts • Participate in application and infrastructure projects to provide security-planning advice • Conduct or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or application • Ensure a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool • Establish a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and DT Enterprise Architects • Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics • Collaborate with DT Smart Home, Product Security Managers and teams to assess the security of operational technology (OT) and Internet of Things (IoT) systems • Liaise with the internal audit (IA) team and Security Governance Manager to review and evaluate the design and operational effectiveness of security-related controls • Architecting and designing IAM technology such as federation (SAML, OAuth, OpenID Connect), Multi factor Authentication (MFA), Single Sign On (SSO), Active Directory, API gateway access control, identity governance & administration. •The enterprise security architect will be expected to draft project plans for security service and technology deployments and coordinate with stakeholders across the organization. • Provide technical guidance and foster a collective understanding of data flows and security issues encountered in cloud applications and services • Staying abreast of changes in vendor landscape and providing guidance regarding cloud service offerings. • Lead Cloud Security DevOps with different scrum teams and plan user stories for sprints while addressing requirements and orchestrating security impact • Provide expert knowledge of cloud security architecture and consult with business and other technology teams to address complex application needs • Work closely with development teams on Infrastructure as Code, Automation, and Orchestration • Provide Security posture and best practices for deploying web and service-based applications in Windows/Linux environments using containers • Review network segmentation to ensure least privilege for network access • Validate security configurations and access to security infrastructure tools, including firewalls, proxies, IPSs, and WAFs • Design (and provision) network security policies and controls and dynamic routing • Design (and provision) VLANs and Isolated L3 networks compliant with required Zero Trust Principals • Strong experience with Directories, SSO, Federation, Delegated administration, API gateways, SOA services.

What you need to Succeed

• Bachelor's or master's degree in computer science, information systems, cybersecurity, or a related field. • 5 - 7 years' experience architecting solutions • 5 - 7 years' experience in Information Security • CISSP - Certified Information Systems Security Professional • Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services • Possess significant breadth across other disciplines (e. g., enterprise security architecture, compute services, storage, large-scale networking, virtualization, data center, integration architecture (API), orchestration technologies (Openstack/Cisco), systems resiliency, service support, application development lifecycle management (DevOps), and service delivery). • Direct experience designing IAM technologies and services: • Strong working knowledge of IT service management (e.g., ITIL-related disciplines): • Be a strong technologist with pragmatic view and creative mind, and a natural collaborator with line of business security architects, engineers, developers, application owners, service providers, and senior management. • Experience working with cloud security management / governance tools, Cloud Access Security Brokers (CASB), cloud services and 3rd party hosted services, and server virtualization products and technologies. • Experience with one or more general purpose programming languages including but not limited to: Java, C/C++, C#, Objective C, Python, JavaScript. • Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Hands-on experience as an engineer or architect with public cloud technologies to include Amazon Web Services (AWS) and Microsoft Azure Cloud Platforms. • Proven experience securing cloud software, platforms and/or infrastructures. • Experience designing cloud security solutions, including creating artifacts, models, and strategy presentations.

GE Appliances is an Equal Opportunity Employer.  Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.