Job Description

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

Application Security

Good to have skills :

NA

Minimum

5

year(s) of experience is required

Educational Qualification :

15 years full time education



Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities: - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Provide solutions to problems for their immediate team and across multiple teams. - Facilitate training sessions to enhance team knowledge and skills. - Evaluate and recommend security tools and technologies to improve the security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Application Security. - Strong understanding of cloud security principles and practices. - Experience with threat modeling and risk assessment methodologies. - Knowledge of security frameworks such as NIST, ISO 27001, and CIS. - Familiarity with secure coding practices and application vulnerability assessments. 1. Static Application Security Testing (SAST), Dynamic Application Security Testing(DAST) & Application Vulnerability Reduction. o Monitor SAST, DAST and container scanning.Perform false positive analysis.Provide recommendations to remediate vulnerability. o Perform static and dynamic analysis of financial applications (e.g., trading platforms, mobile banking apps, customer portals). o Identify vulnerabilities such as injection flaws, insecure authentication, and data exposure. o Map findings to OWASP Top 10 and financial-specific threat models. 2. Container Security o Assess container lifecycle security: image creation, registry management, deployment, and runtime. o Implement image scanning (e.g., Wiz), runtime protection (e.g., Wiz Sensor), and Kubernetes RBAC policies. o Secure CI/CD pipelines and integrate container security into DevOps workflows. Additional Information: - The candidate should have minimum 5 years of experience in Application Security. - This position is based at our Bengaluru office. - A 15 years full time education is required.




15 years full time education