Role: Business Information Security Officer - Delivery Security & Assurance
Location: Singapore
Geographic Coverage: APAC & Middle East
Cognizant requires a Security Executive to expand, lead and manage the Security program for Asia Pacific & Middle East (APAC & ME).
The Delivery Security & Assurance Director will provide expert leadership, strategic guidance, and operational management to the Security teams within this scope.
This role reports through the Global Head of Security & Information and, as part of Cognizant's global Corporate Security functions and programs, will be responsible for implementation of prescribed control requirements.
Candidates will have a proven ability to infuse innovation and creativity into strategic planning with a focus on programs that provide exceptional customer service, improved application security, and enhanced cyber security operations.
Duties & Responsibilities
- Ensure strategic alignment with existing standards and direction for the architecture, installation, and maintenance of all security components as they relate to the establishment and maintenance of compliance programs.
- Review and approve operational budgets for APAC & ME security and compliance related activities
- Establishment and enforcement of relevant regulatory structures and programs, compliant controls and infrastructure
- Leverage Application Security Initiatives and work with Product Management and Application Development to integrate Application Security Initiatives into product roadmaps
- Ensure the ongoing management of a Secure Software Development Life Cycle to ensure on-time delivery of application sprints with security compliance and best practices.
- Provide leadership during security incidents and response. This may include customer engagement and communications.
- Responsible for ensuring present and future resource planning needs are met including staffing, software and hardware, and 3rd party contracts
- Responsibility for setting direction for:
  - Security strategy - Assess, design and implement security strategy and governance program frameworks that describe the process, controls, organization and infrastructure to manage information security related concerns
  - Security implementations - Lead the team to design, implement and integrate security solutions to address enterprise risks and exposures
  - Security governance - Assess, develop, and implement security policies, procedures and standards that describe pragmatic, risk-based mechanisms to maintain the confidentiality, integrity and availability of information systems and the data processed therein, in accordance with Cognizant Corporate policies and procedures.
  - Security monitoring and operations - Oversee the implementation of security solutions to monitor the efficiency and effectiveness of security operations, controls and infrastructure
  - Alignment with Cognizant Secure SDLC - Oversee the implementation of secure software development lifecycle framework to enable the rapidly growing business in a low-risk profile
- Develop and execute standards for design and operational procedures
- Ensure application best practices are incorporated into hosted solutions
- Develop strategic operational goals based on executive-level IT and customer delivery strategies
- Work with the Chief Security Officer (CSO), the Global Head of Security & Information, and affiliated Center of Excellence (COE) leaders to ensure Cyber Security practices align with vertical practices, business objectives and evolving threat landscape challenges
- Ensure Security / Business strategy alignment by emphasizing a partnership model promoting unified risk visibility.
- Ensure integration of security into the design and construction phases of DST critical projects
Qualifications & Certifications
- Must have a Bachelor's degree or above in a related field or equivalent experience. Master's or advanced degree in Systems Assurance or Information Systems Management highly preferred
- 10+ years of Cyber Security experience
- 5+ years of direct leadership experience
- Must have experience with Application Development and Software Assurance in a highly regulated industry
- Must have experience managing the security of large IT networks and regulated data records
- Subject matter expert (SME) in one or multiple areas such as Windows, UNIX, mid-range, firewalls, intrusion detection, threat detection analysis, and/or information risk management.
- Appropriate strategic security certifications (e.g. CISSP, CISM)
- Strong communication and presentation skills. Ability to present complex compliance issues in an easy-to-understand manner for executive management.
- Ability to represent architected technical solutions to customers and BU leaders in a non-technical manner
- Experience managing in a complex matrix organization; will need to coordinate and partner across Cognizant groups, geographic regions and other Lines of Business, while driving a specific Security agenda.
- Comfort working at all levels of seniority, both within the Cognizant organization and in other client institutions, industries or government entities.
- Solid and demonstrable comprehension of Cyber Security including malware, emerging threats, attacks, and vulnerability management.
- Experience assisting the resolution of customer escalations
- Experience in a fast-paced, occasionally high-stress environment.
- Ability to think strategically; work with a sense of urgency and pay attention to detail.
- Ability to present complex solutions and methods to a general community.
- Independent thinking, willingness to step outside the box and take reasonable