Smith+Nephew Security Architect Active Directory

Job description

<p><p><b>Description :</b><br/><br/></p><p>Role : Security Architect.<br/><br/>Location : Kharadi, Pune.<br/><br/><b>What will you be doing ?

</b><br/><br/></p><p>- Be conversant with modern Security requirements and processes, including ISO, SOX, HIPAA, and Data Protection standards.<br/><br/>- Work with the Security ITLT team to continually develop the Security profile including Policies & Tooling.<br/><br/>- Work with projects and initiatives to apply security architecture policies, standards, and requirements; develop solutions; integrate security into solution designs; assess risks of security gaps; and develop architecture remediation.<br/><br/>- Responsible for creating, defining, and maintaining security standards and policies.<br/><br/>- Responsible for creating RFP documents to include Requirements, conducting POVs.<br/><br/>- Able to create Pen Testing scopes of work and run both infrastructure and application tests with vendors.<br/><br/>- Work with other teams to implement secure design principles and associated tools.<br/><br/>- Work with other solution architects to engineer, implement, and monitor security measures for the protection of computer systems, networks, and information.<br/><br/>- Assist Service Architect with transitioning projects and initiatives into production service.<br/><br/>- Create comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.<br/><br/>- Develop technical solutions and security tools to help mitigate security vulnerabilities and automate repeatable tasks.<br/><br/>- Assist in configuration and troubleshooting security infrastructure devices.<br/><br/>- Consult with Smith & Nephew teams to ensure visibility of Security activities.<br/><br/>- Develop deep knowledge of Smith & Nephew cloud architecture and security to guide development teams.<br/><br/>- Provide input on technology selection and help drive best practices.<br/><br/>- Identify emerging patterns of risk within Smith & Nephew solutions and design solutions to mitigate those risks.<br/><br/>- Develop security solutions with reference to frameworks such as Cloud Security Alliance (CSA).<br/><br/>- Design security solutions to meet specific requirements such as CIS and NIST controls.<br/><br/><b>What will you need to be successful ?</b><br/><br/></p><p>Education : </p><p><br/></p><p>- Bachelor's degree in IT, Computer Science IT Engineering, or a relevant field.<br/><br/>Licenses/Certifications : </p><p><br/></p><p>- Industry-accepted IT Security certifications e.g , CISSP-ISSMP, CCSP, SANS, and TOGAF required.<br/><br/>- Should have professional experience of a minimum of 10 years and above in the IT Security and architecture field, operating at a senior level in the private or public sector with a demonstrable history of managing risk & operational security services, is essential.<br/><br/>- Analytical thinking and critical thinking skills with a focus on results.<br/><br/>- Experience working with enterprise systems and operating systems, such as Linux, Microsoft Windows, Active Directory, and Group Policy.<br/><br/>- Knowledge of networks, IP addressing, switches, gateways, DHCP, DNS, firewalls (Palo Alto knowledge is very useful), etc.<br/><br/>- Experience implementing Security controls on Network equipment both on-premises and in cloud solutions.<br/><br/>- Experience of creating RAS solutions for both IT & OT users.<br/><br/>- Experience of working with Cloud Architecture solutions (AWS / Azure) is needed.<br/><br/>- Able to create solutions and work with numerous teams in both the IT and OT spaces.<br/><br/>- Good understanding of security-related technology like firewalls, WAFs, IDS/IPS systems, SIEM systems, etc.<br/><br/>- Knowledge of office automation tools, databases, and other forms of data repositories.<br/><br/>- Experience implementing and administering security tooling within a large enterprise.<br/><br/>- Experience of multi-vendor, managed outsourcing environments.<br/><br/>- Experience with risk management activities (risk assessment, gap analysis, business impact analysis, threat and vulnerability evaluations, etc.) to help the enterprise reach an acceptable level of risk.<br/><br/>- Experience extracting data in various formats and importing or injecting this data into other systems or making data the basis of custom management reports.<br/><br/>- Experience developing parsers or code to facilitate reading of data files.<br/><br/>- Knowledge of scripting and programming across different applications and operating systems, e.g , VBA, Python, WSH, PowerShell, C++, Pascal, and C-shell.<br/><br/>- Experience working with Programme Managers and operational staff to deliver projects, including development of project plans, project goals and objectives, tasks, required resources, timelines, and help with project transition into live service.<br/><br/>- Experience of collaborating with vendor organizations, client organizations, and internal technical and management teams at all levels to achieve objectives.<br/><br/>- Experience in identifying, innovating, and developing solutions to support business processes.<br/><br/>- Experience with developing documentation and report writing and technical diagrams.<br/><br/>- Understanding of Secure by Design solutions.<br/><br/>- Deep understanding of Security Operations Center technologies and capabilities.<br/><br/>- Knowledge of ISO27001, GDPR, SOX Sarbanes, and HIPAA.<br/><br/>- Understanding of the techniques, tools, and processes used by hackers.<br/></p><br/></p> (ref:hirist.tech)

Required Skill Profession

Computer Occupations