Job Title : Assoc. Dir. DDIT ISC VulnSvcs
Location : HyderabadThe role is part of Security Operations in Vulnerability Services team. The person will focus on reducing risk exposure from security vulnerabilities with major focus on solution design, architecture, and VulnSvcs products management.Your Responsibilities Include but are not limited to:• Act as a lead for security design review and threat modeling solution:o Own the design, implementation, roadmap, and operational oversight for Threat modeling solution such as IriusRisk.o Accountable for managing quality of threat modeling and architecture review performed by assessors on Novartis applications.o Continuous improvement and adoption of security by designo Lead product vendor/CSM connects to address Novartis requirements/issues.o Engineer components, templates, configurations in TM tool to enable centralized and automation of solution security design review in different SDLC methodologies.• Act as a lead for managing security products owned by VulnSvcs team:o Ownership of translating VulnSvcs business requirements technically and working with cross functional teams to manage implementation.o Proactively monitor and govern engineering and support operations of the VulnSvcs solutions such as ServiceNow (SecOps), API security, Code security, IriusRisk, etc. with required external/internal teams.o Drive identification of root causes to prevention recurrence of issues.• Influence and drive VulnSvcs products roadmap and maturity through active engagement• Collaborate with various stakeholders from security operations, architecture, cyber, and application teams to achieve goals and remediation advisory on secure design controls.• Develop and maintain documentation of related process and best practices.• Provide security awareness and training to teams on security practices and VulnSvcs solutions.• Implement security policies, procedures, and standards to ensure the confidentiality, integrity, and availability of solutions from technical vulnerabilities.[#video# http://www.youtube.com/watch?v=ggbnzRY9z8w{#400,300#}#/video#]
Commitment to Diversity & Inclusion:
We are committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.
Role Requirements
• 8+ years of overall working experience in information security preferably in Application Security, Secure SDLC and Security Architecture domain.• At least 4+ years performing threat modeling, secure architecture review of applications.• Expertise with automated or centralized threat modeling solutions such as IriusRisk• Strong knowledge of OWASP, SAMM, security frameworks, application architecture principles, security risk management, API security, centralizing threat/vulnerability management, and relevant domain areas.• Knowledge of secure system development, product management, and governance models for Agile/DevSecOps methods.• Strong knowledge of cloud services and technologies such as AWS, Azure, SaaS applications, web services, mobile applications, SAP landscape, etc.Why Novartis: Our purpose is to reimagine medicine to improve and extend people’s lives and our vision is to become the most valued and trusted medicines company in the world. How can we achieve this? With our people. It is our associates that drive us each day to reach our ambitions. Be a part of this mission and join us! Learn more here: http://www.novartis.com/about/strategy/people-and-cultureYou’ll receive: You can find everything you need to know about our benefits and rewards in the Novartis Life Handbook. http://www.novartis.com/careers/benefits-rewardsCommitment to Diversity and Inclusion:Novartis is committed to building an outstanding, inclusive work environment and diverse teams' representative of the patients and communities we serve.Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to hear more about Novartis and our career opportunities, join the Novartis Network here:http://talentnetwork.novartis.com/network
Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? http://www.novartis.com/about/strategy/people-and-culture
Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: http://talentnetwork.novartis.com/network
Benefits and Rewards: Read our handbook to learn about all the ways we’ll help you thrive personally and professionally: http://www.novartis.com/careers/benefits-rewards