Application Security Architect

The Role TCS BFSI Products and Platforms unit provides end-to-end Digital Platform-as-a-Service capabilities for Banking, Financial Services and Insurance customers. Developing products and implementing them for Customers of TCS BFSI Products and Platforms is a major activity within the Digital units engineering team. The Digital product engineering team is set up to build new product features, deploy, test and package the solutions using the Development platform. Both solution and development platforms are growing with new capabilities and implementations. Thus, we need a dedicated Security Architect to be part of the product engineering and implementation team to assess the implementation of new capability from a threat perspective, perform a security audit and present a report to the security organisation of TCS, customer and other parties as necessary. Also, anchor discussion with the customer to position how assets are securely managed. Key responsibilities: Architecture Review, Threat modelling, Residual Risk assessments Provide secure solutions and mitigation controls for the identified risk for the development of new features within product, customer implementation and development platform Support for SAST and DAST and provide requirements for penetration testing Monitor SAST and DAST report; good to have knowledge of Burpsuite Enterprise Edition, Fortify and ZAP Proxy, and NMAP tools for the same Support Platform RFPs and provide secure solutions on AWS and On-Premise Monthly Platform Access Recertification Process and Joiner, Mover and Leaver (JML) processes Tracking the change management process within the Platform Monitoring the AWS inspector scan reports and AWS VPC flow logs Adhering the Platform to TCS security requirements For External Sources: The Role #J-18808-Ljbffr