An Amazing Career Opportunity for Product Security and Privacy Architect
Location: Chennai India (Hybrid)
Job ID: 47565

Profile Summary:

As part of the Product Security and Privacy team reporting to the Chief Product Security & Privacy Architect you will support product teams in adopting and implementing HIDs security and privacy program.
Accountable for the quality consistency and defensibility of all security & privacy related artifacts you guarantee that outputs are audit-ready and not just done.
You will have opportunities to work on a very wide portfolio of applications based on different technologies (Web Embedded Mobile Desktop) within a very diverse and international context covering all five HID Business Areas.

About HID Global

HID Global powers the trusted identities of the worlds people places and things. We make it possible for people to transact safely work productively and travel freely. Our trusted identity solutions give people secure and convenient access to physical and digital places and connect things that can be accurately identified verified and tracked digitally. Millions of people around the world use HID products and services to navigate their everyday lives and over 2 billion things are connected through HID. We work with governments educational institutions hospitals financial institutions industrial businesses and some of the most innovative companies on the planet. Headquartered in Austin Texas HID Global has over 4500 employees worldwide and operates international offices that support more than 100 countries. HID Global is an ASSA ABLOY Group brand. HID Global has is the trusted source for secure identity solutions for millions of customers and users around the India we have two Engineering Centre (Bangalore and Chennai). Global Engineering Team is based in Chennai and one of the Business Unit Engineering team is based in Bangalore. Check us out: You Ready to Join the Team
Our company is committed to finding the best and the brightest talent to help us reach the top. If you are a dynamic highly skilled experienced Cloud engineer and technology enthusiast and you enjoy working in a rapid pace within a rapidly growing business environment then you will want to consider this position. If you excel at communication collaboration and unrelenting innovation we want to talk to you. And if you bring dedication positive energy and integrity to the table you just might be the right fit for our team.

Qualifications
To perform this job successfully an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge skill and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

Roles & Responsibilities (Other duties may be assigned)

• Leads day-to-day security/privacy architecture governance escalates and obtains approval from the Chief Product Security & Privacy Architect as required.
• Define corporate wide security and privacy requirements controls and standards.
• Define corporate wide Secure Coding third-party deployment policies & other architecture-related standards.
• Define required training content.
• Define paved roads/security and privacy-by-design patterns and libraries.
• Lead development of AI-enabled PSP Architecture capabilities: define use cases requirements and success criteria.
• Own the threat modeling framework and quality bars.
• Run/approve security & privacy architecture reviews.
• Lead audit/assessment planning evidence of expectations and defensibility.
• Responsible for tooling selection and integration related to security & privacy architecture domain.
• Architect for compliance analyze new regulations and standards to identify gaps in the platforms capabilities standards and controls.
• Assess New Acquisitions Architecture and contribute to due diligence on a needed basis.

Primary Duties:

These define the broader responsibilities and areas of ownership within the role

• Provide recommendations for risk acceptance and exception requests.
• Provide input on tooling strategy and integration guidance for non-architecture related domains.
• Provide guidance on security requirements for supply chain tooling pipeline architecture and associated standards.
• Validate that platform architecture enables enforcement of PSP security controls.
• Provide expert input on exploitability attack paths and mitigation options during Incident handling process
• Provide guidance on true risk vs noise for security tool outputs and penetration tests.
• Provide subject-matter depth during training delivery: advanced Q&A edge cases Offer office hours or follow-ups for complex topics

Technical Skills:

• Experience contributing to at least one Secure Software Development Lifecycle (SSDL) program either as a security architect security champion or similar role.
• Working knowledge of general principles of application security
• Working knowledge of threat modeling principles.
• Working Knowledge of security standards (OWASP ISO NIST ...).
• Knowledge of security regulations such as the Radio Equipment Directive (RED) Cyber Resilience Act (CRA) Federal Information Processing Standards (FIPS) and Common Criteria (CC) or equivalent.
• Good understanding of cryptographic principles including algorithms key management and protocols.
• Experience using security tools (SAST DAST SCA Vulnerability Scanners Secret Scanners).
• Hands-on experience in at least one preferably more of these application domains:
  • Embedded device Security
  • Mobile security
  • Web & API security
  • Desktop security.

Preferred Qualifications

• Cloud infrastructure Supply Chain and deployment Security
• Experience with Agile/SAFe Methodology
• Experience with usage of AI tools in the context of a security program.

Education and/or Experience

• Masters Degree computer science or similar qualifications.
• At least 3 years in software/product security application security or security architecture
• At least 7 years of hands-on software engineering / QA / DevOps earlier in career (or equivalent).
• At least one security or privacy certification (CISSP CIPT CSSLP CEH ...) is a plus.
• Proven ownership of at least one of: threat modeling program secure design review governance audit evidence management security tooling strategy penetration testing program or similar.

Soft Skills

• Ability to effectively communicate complex concepts clearly and effectively in the English language both verbally and in writing.
• Like training and knowledge-sharing with a strong motivation to ensure the security program is successfully implemented by the teams.
• Highly adaptable and approachable fostering collaboration and open communication.
• Ability to tailor your communication to different audiences such as product owners development teams architects and other high-level users.
• Strong technical acumen with the ability to engage effectively with development teams and Continuous learning mindset.
  

Why apply

• Empowerment: Youll work as part of a global team in a flexible workenvironment learning and enhancing your expertise. We welcome an opportunity to meet you and learn about your unique talents skills and experiences. You dont need to check all the you have most of the skills and experience we want you to apply.
• Innovation: You embrace challenges and want to drive change. We are open to ideas including flexible work arrangements job sharing or part-time job seekers.
• Integrity: You are results-orientated reliable and straightforward and value being treated accordingly. We want all our employees to be themselves to feel appreciated and accepted.

This opportunity may be open to flexible working arrangements.

HID is an Equal Opportunity/Affirmative Action Employer Minority/Female/Disability/Veteran/Gender Identity/Sexual Orientation.

We make it easier for people to get where they want to go!
On an average day think of how many times you tap twist tag push or swipe to get access find information connect with others or track something. HID technology is behind billions of interactions in more than 100 countries. We help you create a verified trusted identity that can get you where you need to go without having to think about it.

When you join our HID team youll also be part of the ASSA ABLOY Group the global leader in access solutions. Youll have 63000 colleagues in more than 70 different countries. We empower our people to build their career around their aspirations and our ambitions supporting them with regular feedback training and development opportunities. Our colleagues think broadly about where they can make the most impact and we encourage them to grow their role locally regionally or even internationally. As we welcome new people on board its important to us to have diverse inclusive teams and we value different perspectives and experiences.

#LI-HIDGlobal