Security Architect

Role: Security Architect
Location
: Kharadi, Pune

Life Unlimited.
At Smith+Nephew, we design and manufacture technology that takes the limits off living.

This role will be reporting to the Director of Information & Cyber Security Architecture, and the candidate will lead technical projects across a range of platforms, delivering solutions based on the company portfolio. The candidate will have direct responsibility for designing secure architecture and implementation of projects using BAU service teams with some requirement for firsthand involvement. The candidate will have demonstrable experience of leading large, complex IT service projects, including IT outsource service transition and transformation.

What will you be doing?

• Be conversant with modern Security requirements and processes, including ISO, SOX, HIPAA, and Data Protection standards.
• Work with the Security ITLT team to continually develop the Security profile including Policies & Tooling.
• Work with projects and initiatives to apply security architecture policies, standards, and requirements; develop solutions; integrate security into solution designs; assess risks of security gaps; and develop architecture remediation.
• Responsible for creating, defining, and maintaining security standards and policies.
• Responsible for creating RFP documents to include Requirements, conducting POVs.
• Able to create Pen Testing scopes of work and run both infrastructure and application tests with vendors.
• Work with other teams to implement secure design principles and associated tools.
• Work with other solution architects to engineer, implement, and monitor security measures for the protection of computer systems, networks, and information.
• Assist Service Architect with transitioning projects and initiatives into production service.
• Create comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.
• Develop technical solutions and security tools to help mitigate security vulnerabilities and automate repeatable tasks.
• Assist in configuration and troubleshooting security infrastructure devices.
• Consult with Smith & Nephew teams to ensure visibility of Security activities.
• Develop deep knowledge of Smith & Nephew cloud architecture and security to guide development teams.
• Provide input on technology selection and help drive best practices.
• Identify emerging patterns of risk within Smith & Nephew solutions and design solutions to mitigate those risks.
• Develop security solutions with reference to frameworks such as Cloud Security Alliance (CSA).
• Design security solutions to meet specific requirements such as CIS and NIST controls.

What will you need to be successful?

• Education: Bachelor's degree in IT, Computer Science IT Engineering, or a relevant field.
• Licenses/Certifications: Industry-accepted IT Security certifications e.g., CISSP-ISSMP, CCSP, SANS, and TOGAF required.
• Should have professional experience of a minimum of 10 years and above in the IT Security and architecture field, operating at a senior level in the private or public sector with a demonstrable history of managing risk & operational security services, is essential.
• Analytical thinking and critical thinking skills with a focus on results.
• Experience working with enterprise systems and operating systems, such as Linux, Microsoft Windows, Active Directory, and Group Policy.
• Knowledge of networks, IP addressing, switches, gateways, DHCP, DNS, firewalls (Palo Alto knowledge is very useful), etc.
• Experience implementing Security controls on Network equipment both on-premises and in cloud solutions.
• Experience of creating RAS solutions for both IT & OT users.
• Experience of working with Cloud Architecture solutions (AWS / Azure) is needed.
• Able to create solutions and work with numerous teams in both the IT and OT spaces.
• Good understanding of security-related technology like firewalls, WAFs, IDS/IPS systems, SIEM systems, etc.
• Knowledge of office automation tools, databases, and other forms of data repositories.
• Experience implementing and administering security tooling within a large enterprise.
• Experience of multi-vendor, managed outsourcing environments.
• Experience with risk management activities (risk assessment, gap analysis, business impact analysis, threat and vulnerability evaluations, etc.) to help the enterprise reach an acceptable level of risk.
• Experience extracting data in various formats and importing or injecting this data into other systems or making data the basis of custom management reports. (.txt, .CSV, SNMP, XML, JSON, CEF, Syslog, APIs).
• Experience developing parsers or code to facilitate reading of data files.
• Knowledge of scripting and programming across different applications and operating systems, e.g., VBA, Python, WSH, PowerShell, C++, Pascal, and C-shell.
• Experience working with Programme Managers and operational staff to deliver projects, including development of project plans, project goals and objectives, tasks, required resources, timelines, and help with project transition into live service.
• Experience of collaborating with vendor organizations, client organizations, and internal technical and management teams at all levels to achieve objectives.
• Experience in identifying, innovating, and developing solutions to support business processes.
• Experience with developing documentation and report writing and technical diagrams.
• Understanding of "Secure by Design" solutions.
• Deep understanding of Security Operations Center technologies and capabilities.
• Knowledge of ISO27001, GDPR, SOX Sarbanes, and HIPAA.
• Understanding of the techniques, tools, and processes used by hackers.

You Unlimited.
We believe in crafting the greatest good for society. Our strongest investments are in our people and the patients we serve.

Inclusion + Belonging:
- Committed to Welcoming, Celebrating, and Thriving. Learn more about our Employee Inclusion Groups on our website ).

Other reasons why you will love it here

• Your Future: Major medical coverage + policy exclusions and insurance non-medical limit. Educational Assistance.
• Work/Life Balance: Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave.
• Your Wellbeing: Parents'/Parents-in-Law's Insurance (Employer Contribution of 8,000/- annually), Employee Assistance Program, Parental Leave.
• Flexibility: Hybrid Work Model (For most professional roles)
• Training: Hands-On, Team-Customized, Mentorship
• Extra Perks: Free Cab Transport Facility for all employees; One-Time Meal provided to all employees as per shift. Night shift allowances.

Stay connected by joining our Talent Community.

We're more than just a company - we're a community Follow us on LinkedIn to see how we support and empower our employees and patients every day.

Check us out on Glassdoor for a glimpse behind the scenes and a sneak peek into
You. Unlimited.
, life, culture, and benefits at S+N.

Explore our website and learn more about our mission, our team, and the opportunities we offer.