Application Security Architect | Kronos | Noida

Exciting Opportunity and high visibility, Application Security Architect role. Seasoned professional who have experience working with product teams and advising them on application security for Cloud Product. Feel free to drop me a mail (kushagra.pande@kronos.com) or text me. I will revert. Do refer professionals who have similar experience.

Description

Highly visible role in Cloud Product Engineering team where we are looking for seasoned application security professional. Role will be involved in continuous efforts on the architect and design the security aspect for the product feature hosted on public cloud.

Key Business Deliverable Of This Role Will Include

• Work in a highly visible role driving the overall product engineering effort to ensure security of the application suite without compromising supportability, performance, configurability and usability
• Identify security design flaws and proactively make recommendations for improving product designs security practices - balancing the business impact with the potential risk
• Assess current security practices - identify and implement relevant training to ensure state of the art development practices as it relates to security
• Recommend security practices which align with contemporary software development practices and strike a balance between absolute, theoretically secure products and products which are demonstrably secure
• Evaluate, implement and support security-focused tools and services
• Prepare and update threat models for various services and modules of the product
• Assess impact of newly identified vulnerabilities on the product and prepare risk assessments
• Ensures adherence of the development team to the architectural vision for recommended security practices
• Provide guidance and review of changes to the methods for our product’s external connectivity – Including authentication, encryption, application protocols and intrusion detection
• Develop initial proof of concept implementations of security solutions within the product suite including areas such as authentication, authorization, auditing and data security
• Perform research, recommend solutions and create proposals based on latest industry trends and industry standards to meet business requirements
• Partner with our IT and Operations Teams to support their security programs relating to corporate and operational practices and audits
• Engage, define and manage 3rd party software security audits and assessments.
• Support discussions with prospects and existing clients looking to better understand how Kronos ensures the security of their data

Key Indicators Of Success Include

• “event-free” security assessments of the Kronos software and hardware solutions as well as state of the art engineering practices
• Adoption of “Security first” attitude and security tools amongst the product development teams

Close collaboration with

• Sales & Partners to support the communication of Kronos security practices to client IT groups
• Hosting Operations to collaborate on maintaining solid security protocols while balancing time to market and other business pressures
• 3rd party auditors to achieve the business appropriate certifications and assessments

Qualifications

• Graduate degree in Computer Sc./Engineering from top colleges of state universities and other good engineering institutes with 60% throughout academics.
• Degrees attained B.Tech/B.E/M.E/M.Tech/M.Sc/M.S in Computer Science
• 12+ years software development experience in a fast-paced environment, working through all phases of the software development life cycle
• At least 4 years of experience in an information security position
• Experience with the full software development life cycle including design, testing, deployment and documentation activities
• Experience with information security policies, intrusion response procedures, disaster recovery procedures, risk analysis and administering the operations of a complex security infrastructure
• Participation in an external audit and providing the engineering team guidance on correcting Software Development Lifecycle modifications and coding practices to address discovered weaknesses
• Must be able to develop positive relationships and effectively communicate with product architects, development engineers, quality assurance personnel, IT & Operations, external auditors and all levels of management
• Demonstrated ability to assess and improve security practices
• Strong verbal and written communication skills