Senior Security Architect

Role:

• Serve as the Security Lead in the design, implementation, and integration phases of business products and services to meet business security requirements, address corporate risks and exposures in cloud-based solutions
• Thoroughly interact with DevOps, platform engineering team, Network security engineers, and Identity build and run teams. Should be able to guide the teams to drive results and maturity
• Perform threat modelling on the cloud-based scenarios and able to apply the principles to secure the cloud platforms
• Drive security design principles and requirements to enhance ISRMs ability to streamline the implementation of security controls into new and existing solutions
• Enforce the security principles in live scenarios by working closing with landing zone teams
• Serve as security subject matter expert during discussions and meetings with key stakeholders within the business unit and infrastructure teams
• Provide technical security expertise, including communicating security architectural decisions, benefits, risks, and other activities including security requirement definition, and facilitation of security testing and management of residual risk with the product or application teams
• Expert OOP experience C/C++, Java, Python, etc.
• 10+ Years experience in a security-related domain and technologies
• 8+ Years experience in security architecture space
• Expert knowledge of security containers and hands-on experience on SecDevOps principles and has a good handle on end-to-end Sec Dev Ops processes.
• Technologies such Web Application Firewall, Key Management, Secrets Handling, knowledge on the tools which provide services like Single Sign-On, MFA, enabling data security principles in the cloud platforms. Etc Technology and hands-on exposure to Active Directory, Palo Alto Prisma, Advanced firewalls, virtual directory services, etc
• Bachelor's degree in Computer Science, Computer Engineering, or related field required
• Secure business Process & Applications Integration;
• 3rd Party Vendor Integration Risk Assessment;
• Network Security - Segmentation & Zoning across environments, regions, VPCs and security groups;
• Secure Access / Network Connect;
• Remote Access VPN & Private Links / DirectConnect etc;
• Perimeter Protection - Layer 4-7 Security - WAF/LB/ADDoS and Web/Email/API Gateway;
• Secure End Points and Secure Workspace; Secure Hosts and Compute Workloads; Containers / Microservices Security;
• Identity Access Governance; Secure Access for Employees, Vendors & Customers;
• Data Privacy / Protection - Encryption / Anonymization / Tokenization etc;
• Logging, Auditing and Monitoring; Security Incident Response Management;
• Cyber Threat Intelligence; Threat Hunting / Threat Management;
• Insider Threats and Breach Risk Detection and Cyber Forensic;
• Defensive Security and Engineering;
• Vulnerability and Threat Management thereby reducing attack surface improving cyber risk posture of enterprise following Secure Change Configuration management Processes
• Authoritatively drive continuous improvements in key cyber defence capabilities by streamlining technology acquisition and deployment, engineering solutions and driving deployment of innovative processes and controls
• Security Controls Definition & Solutions Architecture Design based on industry specific and regulatory standards & compliances such as ISO27001, NIST 800-53, PCI-DSS, HIPAA and Data Privacy Standards viz GDPR, CCPA etc
• Designs and executes cyber security plans, activities, and policies that protect information infrastructure, customer base, and products.
• Mature cyber defense capabilities, enforces organizational security principles and industry recognized best practices, and demonstrates responsible resource management.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.