Job Description

##

Project description

We are seeking a seasoned Solution Architect with deep expertise in designing and securing complex web and mobile application ecosystems. This role requires a strategic mindset combined with hands-on technical proficiency to assess risks, define robust security architectures, and drive secure development practices across the SDLC.


##

Responsibilities

Architect and implement security solutions for web and mobile platforms, aligned with business objectives and compliance standards.


Should have experience with Backbase, additiv, Crealogix, and Avaloq.


Perform threat modeling, application security assessments, static and dynamic code reviews, and vulnerability analyses.


Define security requirements and best practices across the Secure Software Development Lifecycle (SDLC).


Lead penetration testing initiatives and collaborate with cross-functional teams to mitigate identified risks.


Establish governance and control frameworks to ensure ongoing security posture management.


Advise development and infrastructure teams on secure design patterns and architectural decisions.


Stay current with emerging threats, technologies, and industry trends.


Proven experience building and securing scalable web and mobile applications.


Deep understanding of application security principles, secure architecture, and risk management.


Proficiency in tools and methodologies for penetration testing, code analysis, and vulnerability assessment.


Strong knowledge of Secure SDLC practices and integration of security into CI/CD pipelines.


Excellent communication skills to engage stakeholders, developers, and leadership.


##

Skills

Must have


Overall, 10+ years of experience as a Solution Architect.


Proven experience in building and securing web and mobile applications.


Strong knowledge of security architecture and secure coding principles.


Hands-on experience in:


Application security assessments


Penetration testing


Vulnerability assessment


Secure SDLC practices


Static code review tools (e.g., Fortify, Checkmarx, SonarQube)


Familiarity with OWASP Top 10 and CWE/SANS Top 25


Excellent problem-solving and communication skills


Nice to have


Certified Secure Software Lifecycle Professional (CSSLP)


Experience with cloud security (AWS, Azure, GCP)


Knowledge of regulatory and compliance frameworks (e.g., ISO 27001, GDPR, PCI-DSS)


##

Other

Languages


English: C2 Proficient


Seniority


Senior



Bengaluru, India


Req. VR-116007


Solution/Integration Architecture


BCM Industry


17/07/2025


Req. VR-116007