Cloud Security Manager

Job Description

Cloud Security Manager (Application Security Architect) Bengaluru, Karnataka, India Global Delivery VCR51Description ZYCUS OVERVIEW:Zycus is looking for An Application Security Expert who can head Security front for Zycus, with an experience of about 8-16 years managing end to end security of Product.Headquartered in Princeton, U.S. in 1998, Zycus has grown every day to be established as an organization which now is a leading global provider of complete Source-to-Pay suite of procurement performance solutions.We develop cloud-based (SaaS) Source-to-Pay solutions for large global enterprises, and have successfully deployed about 200 solutions to over 1000 Global clients. Our spirit of innovation and our passion to help procurement create greater business impact are reflected among procurement solution deployments that we have undertaken over the years. We are proud to have as our clients, some of the best-of- breed companies across verticals like Manufacturing, Automotives, Banking and Finance, Oil and Gas, Food Processing, Electronics, Telecommunications, Chemicals, Health and Pharma, Education and more.With a team of 1200 employees, we are present in India with 3 development centers at Bengaluru, Mumbai & Pune and offices in the U.S., U.K., Netherlands, Australia, Dubai and Singapore.Know more about the LEADER of: Gartners 2013, 2015 & 2017 Magic Quadrant for Strategic Sourcing Application Suites and The Forrester Wave: eProcurement, Q2 2017JOB DESCRIPTION:The Cloud Security Architect leads the design and development of innovative security architectures for protecting data deployed into different types of cloud, hybrid cloud applications. This position will directly contribute to the overall global enterprise cloud architecture and lead the security vision and strategy around SaaS-based applications, across all types (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS).The Cloud Security Architect will serve as the central point of contact for Enterprise Security for other Technology teams within the Zycus for all matters related to cloud and application security. Identify opportunities and risks and develop and deliver solutions that support business strategies and protect Zycuss intellectual property globally.Expertise Collaborate with Product Managers, Platform Leads, and Information Security teams, to architect and design cloud security solutions. Knowledge of security services in cloud as well as on physical data center is essentialDelivery Complete architecture assessments across projects, prove use of security solutions to support new distributed computing solutions that span private cloud and public cloud services.Security Technology Strategy - Work with engineering, service and business teams to create technology roadmaps.RESPONSIBILITIES INCLUDE:Design and develop security architectures for cloud and cloud/hybrid based systems. Possess a firm understanding of the offerings within both Amazon Web Services (AWS) and the Microsoft Azure platforms and on physical data centers. Based on business requirements, design and implement cloud-native architectures and designs that will allow those requirements to be met with a minimal degree of risk to company and with appropriate security controls present.Represents Security Platform in development and implementation of the overall global enterprise cloud architecture. Acts as the ambassador and senior technical representative for Enterprise Security while engaging with other senior technical leaders throughout Zycus in design and implementation of cloud and cloud/hybrid based implementations and solutions. Works with Engineering, Infrastructure Services, and Application Development organizations to choose appropriate technology solutions and facilitates complete integration into the Zycus environments. Develops standards in partnership with Engineering, Infrastructure Services, and Application Development.Leads training and technical forums, serves as both a formal and informal mentor, and executes other initiatives designed to share knowledge across Security Platforms and/or Technology teams. Identifies, recommends, coordinates, and/or conducts informal/formal training sessions to deliver timely knowledge to support teams regarding technologies, processes or tools. Develops and executes strategies to increase Cloud Security knowledge throughout the enterprise, as well as developing and mentoring more-junior security analysts and engineers.Requirements Required Qualifications:8-16 years related work experience, required5-8 years experience with Security Architect and/or Engineering.3-5 years experience with Cloud platforms such as Amazon Web Services (AWS).Experience architecting solutions within Amazon Web Services (AWS) and, preferably, other cloud providers.Experience providing high level Vulnerability Assessment and Penetration Testing (VAPT) and penetration testing (Ex: Core Impact, Back Track/Kali Linux, Meta sploit, NMap, Burp suite, SQL Map/Ninja and Beef)Proven track record of using Web Application Scanner(Ex: Veracode, IBM App Scan and Acunetics) and Network Scanner(Ex: QualysGuard, Nessus, Openvas)Expertise performing Data Loss Prevention DLP (EX: Digital Guardian), Security information and event management SIEM (QRadar)Hands on experience working with Firewalls (Ex: Palo Alto), Sniffers (Ex: Wireshark, Cain & Able and John the Ripper etc.)Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments.Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc).Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.Experience with enterprise architecture and working as part of a cross-functional team to implement solutions.Ability to work independently with minimal direction; self-starter/self-motivatedCloud / SaaS Security and Architecture related certifications.Understanding of SSAE 16 SOC1, SOC2, PCIDSS etc.Preferred Qualifications:12-14 years of experience, preferred.Excellent Java EE software development experience, and experience with authentication/authorization in Java EE application servers (WebSphere, JBoss, Tomcat, etc).Nice to have - Architecture of mobile platform (iOS, Android) solutions, integrated with cloud-based services.Detailed understanding of SSL/TLS protocols and certificate-based solutions.excellent knowledge of JAVA J2EE, Middleware, ESB, etc.Benefits LOCATION: Mumbai / BangaloreCOMPENSATION: CompetitiveWHY ZYCUS :Be a part of one of the fastest growing product Company in IndiaCome join a young, dynamic & enterprising teamWork on the latest technologiesFlexible working hours (As per business requirement).Zycus Global Leader Procurement: https://www.zycus.com/newsroom/press-releases.html

Keyskills :
javaj2eehtmlpressglobal deliveryenterprise securitycryptographywebspheresqlsecurityiamlinuxjava eemiddlewarecloud servicesmobilemicrosoft azureaccess managementesbinfrastructure