Siemens Healthineers Cybersecurity Architect in Bengaluru, India
Tasks and Responsibilities
The position will bring a mix of the following tasks and responsibilities:
• Provide technical leadership as we design and deploy our secure architectures. Drive implementation, innovation, and continuous improvement for Healthineers’ security.
• Review existing security capabilities, changes in the digital business, and threat landscape. Define roadmap and strategy for security enhancements and implementation of solutions.
• Validate security configurations and utilize infrastructure security tools, including endpoint protection systems, cloud security configurations, network security technologies, etc. Assess security tool effectiveness and review configurations to request improvements and fine-tuning.
• Develop and document security reference architectures, design patterns, roadmaps, and other architectural artifacts aligned with policies, standards, and industry best practices to leverage security capabilities and implement Information Security controls in projects and operations.
• Design, develop, and implement security solutions and tools to improve our security posture and protect our infrastructure and applications. Implement security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
• Provide support to IT teams within projects to ensure the project is aligned with overall enterprise security architecture and security control requirements.
• Support and participate in the implementation and enforcement of secure design principles according to policies, standards, and patterns of Information Security.
• Participate in application and infrastructure projects to help defining the security model and adopt and promote a security-by-design approach with the different project stakeholders.
• Work closely with peers and colleagues across Infrastructure, Cybersecurity Operations and Governance to ensure that implementation and operations are aligned with security standards and best practices.
• Advise on incident containment measures through recommended initial actions in collaboration with the Incident Response team.
Knowledge of relevant technological aspects for this position. The ideal candidate should bring a mix of expertise in (a subset of) the following areas:
? Overall 8+ Years of experience in the IT industry
? Minimum 5 years of experience as a Cybersecurity Engineer, Architect, or related functional areas.
? Subject matter expertise with EPP and EDR technologies, Microsoft E5 security suite, operating systems, databases and middleware hardening, and security architecture. Desirable experience in the configuration and administration of security devices from leading vendors.
? Solid understanding of security architecture best practices and implementation (e.g., security protocols, cryptography, authentication, authorization).
? Experience determining security requirements by evaluating business strategies and requirements following a risk-based approach, and describing associated data flows and security controls needed, interacting with different stakeholders to explain and enforce security measures.
? Interaction with the other technical teams is an essential part of this position and as such a broad array of technical knowledge would be beneficial.
? Experience working in security environments based on SaaS-based products.
? "Hands-on" security tools operation experience in a global production environment is desirable.
? Willingness to stay on top of the latest information technology security trends.
? Understanding of security governance and compliance frameworks, incident categories, incident responses, and timelines for responses.
? Knowledge of security frameworks and methodologies (for example, NIST, SANS, Mitre Att&ck, Cyber Kill Chain).