Job Description

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

Governance Risk and Compliance (GRC) Platforms

Good to have skills :

NA

Minimum

12

year(s) of experience is required

Educational Qualification :

15 years full time education



Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Additionally, you will assess the effectiveness of existing security protocols and recommend enhancements to improve overall security posture. Roles & Responsibilities: -Define and operationalize IT & Cyber Governance frameworks aligned to business strategy -Establish and maintain policies, standards, procedures, and control frameworks -Drive governance for cloud, IAM, PKI, data protection, and infrastructure platforms -Chair or support Technology Risk & Governance forums / steering committees -Ensure alignment between IT, Security, Legal, Privacy, and Business teams -Lead technology and cyber risk assessments (inherent & residual risk) -Maintain enterprise technology risk register and mitigation roadmap -Perform third-party / vendor risk assessments for technology providers -Support risk acceptance, remediation tracking, and executive reporting -Integrate risk insights into strategic and operational decision-making -Ensure compliance with relevant standards and regulations such as:ISO 27001 / 27002, SOC 1 / SOC 2, NIST CSF / NIST 800-53, PCI-DSS, SOX, GDPR, HIPAA (as applicable) -Lead internal and external IT & security audits -Manage control testing, evidence collection, and audit remediation -Act as key point of contact for auditors and regulators -design and effectiveness of IT General Controls (ITGCs) and cyber controls -Partner with technical teams on control implementation and automation -Ensure governance over identity, access, encryption, logging, vulnerability management -Track and report control health and compliance metrics -Lead and mentor GRC analysts and managers -Act as trusted advisor to senior leadership -Drive GRC maturity roadmap and continuous improvement initiatives -Coordinate with global teams and service providers Professional & Technical Skills: - Must To Have Skills: Proficiency in Governance Risk and Compliance (GRC) Platforms. - Strong understanding of risk assessment methodologies and compliance frameworks. - Experience with cloud security architecture and implementation. - Knowledge of regulatory requirements and industry standards related to information security. - Ability to analyze security incidents and develop mitigation strategies. Additional Information: - The candidate should have minimum 12 years of experience in Governance Risk and Compliance (GRC) Platforms. - This position is based at our Gurugram office. - A 15 years full time education is required.




15 years full time education