You will be working as a Senior Cybersecurity Engineer within the healthcare domain, defining and attesting security architecture and standards for all Technology solutions, infrastructure, and applications and projects
that will be running across multiple geographies, helping healthcare organizations achieve their business goals with use of data ingestion technologies, cloud services & DevOps. You will be working with Architects from
other specialties such as Data engineering, Software engineering, ML engineering to harden the platforms, solutions and applications such as digital diagnosis, software as a medical product, AI marketplace, amongst
others and make them secure against cyber threats.
Role & Responsibilities
- Develop a complete understanding of a company’s technology and information systems.
- Design, build, implement and support enterprise-class security systems.
- Identify and communicate current and emerging security threats
- Plan, research and design robust security architectures for any IT project.
- Perform or supervise vulnerability testing, risk analyses and security assessments.
- Create solutions that balance business requirements with information and cybersecurity
requirements.
- Identify security design gaps in existing and proposed architectures and recommend changes or
enhancements.
- Set up and support code security and infrastructure security activities of DevSecOps Pipeline.
- Must have experience in cloud concepts and perform assessment and implementation of new
technologies within the cloud.
- Use current programming language and technologies to write code, complete programming and
perform testing and debugging of applications.
- Provide supervision and guidance to development and security teams.
- Define, implement and maintain corporate security policies and procedures.
- Respond immediately to security-related incidents and provide thorough remedial solutions and
analysis.
Must Have
- Experience in automating security tools and processes ensuring innovation and advancement strategies that keep pace in the areas of access control, security-in-depth, secure transaction processing, secure coding practices.
- Experience in working in a high paced DevSecOps or SecOps environment with hands-on experience in Docker, Kubernetes and Cybersecurity tools like IDS, SIEM, SAST/DAST Scanners, EDR
- Experience in conducting and facilitating security reviews, threat modelling including deep design reviews throughout the development lifecycle to identify all the threats the systems are exposed to and recommended mitigations controls to address those threats.
- Hands-on knowledge in Cloud Security and AWS / GCP / Azure (good hands-on experience in at least one of them preferably GCP)
- Experience in performing penetration testing activities on Internal and large scale cloud infrastructure
- Hands-on experience in performing threat modelling and web application security assessments
- Experience in evaluating and implementing industry leading third party security tools and software
- Hands-on experience in performing vulnerability assessment and management via automation
- Effective communication skills with all the stakeholders involved.
- Skills to communicate clearly about complex subjects and technical plans with technical and non-technical audiences.
- Ability to identify risks associated with business processes, operations, technology projects and information security programs