QUALIFICATIONS:

• Educational Background: Bachelor’s or master’s degree in computer science, information systems, cybersecurity, or a related field, or comparable experience.
• Certifications: CISSP, CISA, TOGAF, GAIC, or CISM preferred.
• Technical Expertise: Hands-on experience with application security, threat modeling, secure coding practices, and vulnerability management.
• Regulatory Knowledge: Familiarity with regulations and frameworks such as HIPAA, GDPR, ISO 27001/2, and NIST CSF.
• Business Acumen: Strong strategic planning, communication, financial analysis, and project management skills.

DISCLAIMER:

Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities of this job to other entities; including but not limited to subsidiaries, partners, or purchasers of Alight business units.
Alight Solutions provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, pregnancy, childbirth or related medical condition, veteran, marital, parental, citizenship, or domestic partner status, or any other status protected by applicable national, federal, state or local law. Alight Solutions is committed to a diverse workforce and is an affirmative action employer

• Strategic Vision: Help develop and maintain a comprehensive application security architecture for our products that aligns with our business goals and technology landscape.
• Innovative Solutions: Design and implement security solutions that leverage the latest technologies and best practices for application security.
• Risk Management: Translate business objectives and risk management strategies into actionable security processes for our products.
• Security Standards: Establish and enforce security configuration standards for application development, deployment, and maintenance.
• Data Protection: Develop standards for data encryption and tokenization to safeguard sensitive information within our products.
• Continuous Improvement: Stay ahead of emerging threats and technologies to ensure our product security posture remains robust and adaptive.