Senior Manager, Security Architecture & Governance (100% Remote)

Primary Responsibilities bull Serve as a Cybersecurity resource and SME for a Product and Platform centric organization – ensuring that security architecture, and governance are integrated with solutions during development while also ensuring that security is designed into actual services from the inception of the project, to production and client delivery bull Day-to-day work with client delivery teams and ensure that delivery teams adhere to Cognizant’s corporate information security architecture, policies, procedures, baselines and guidelines. This is role requires a mix of technical capabilities as well as the know-how to provide security governance over complex applications and projects while also having the ability to articulate complex security concepts to business personnel and non-security personnel bull Work with the application and solution teams to secure SaaS applications including assisting in the overall architecture and design of the solution and supporting components bull Engage with resources across governance, compliance, and technical architects during the lifecycle of a project, supporting the sales cycle, to interacting with prospective clients and client teams to usher in, and provide security assurance, guidance, and advisory bull Coordinate security testing of solutions including result analysis and driving of remediation (SAST, DAST, VM, and penetration testing) bull Interface with Digital business leaders, client architecture teams, corporate architecture and governance personnel, as well as the Cognizant Security (CS) teams. bull Ability to translate technical risk issues and distill such issues to common IT business leaders and upper management bull Work with program managers to develop project plans, estimation documents, specifications, diagrams, and flowcharts bull Solid understanding as to how to mitigate risks with common controls such as WAF’S, IDPS’s, MPS’s, AWL, etc. bull Implement common principles and practices across cloud platforms and provide compliance with industry specific guidelines such as the Security Trust and Assurance Registry from the Cloud Security Alliance.