Enterprise Security Architect - Threat Detection

Job Description : Responsibility : - Develop security strategy plans and roadmaps based on sound enterprise architecture practices - Develop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations - Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts - Participate in application and infrastructure projects to provide security-planning advice - Draft security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the CIO - Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM) - Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria. - Coordinate with DevOps teams to advocate secure coding practices, and to escalate concerns related to poor coding practices to the CIO. - Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable - Liaise with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls. Main duties : - Design, build, implement and support enterprise-class security systems. - Align organizational security strategy and infrastructure with overall business and technology strategy. - Plan, research and design robust security architectures for any IT project - Govern Cloud Security Architecture & Implementation including vendors like Azure, AWS, GCP, etc - Provide technical direction & oversight to integration teams from a security perspective - Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge. - Implementation of security measures to meet business goals, needs and regulatory requirements. - Guide and monitor teams performing vulnerability testing, risk analyses and security assessments. - Optimize security solutions at Infrastructure level including firewall, VPN, routers, IDS scanning technologies and servers to meet compliance. - Work on projects with high strategic impact, setting a strategy that can be used in the long term and across the breadth of the organization. - Create solutions that balance business requirements with information and cyber security requirements. - Identify security design gaps in existing and proposed architectures and recommend changes or enhancements. - Help teams to Test security systems to ensure they behave as expected. - Define, Implement and maintain corporate security policies and procedures. - Train users in implementation or conversion of systems. - Respond immediately to security-related incidents and provide architectural solutions and analysis. - Regularly communicate vital information, security needs and priorities to senior Essential : - Bachelor's or master's degree in computer science, information systems, cyber security, or a related field. - 10 years of experience and preferably 6years hands-on experience in security architecture - Ability to articulate complex technical designs into requirements for consumption by delivery squads - Direct, hands-on experience or strong working knowledge of managing security infrastructure e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology. - Verifiable experience reviewing application code for security vulnerabilities - Direct, hands-on experience or a strong working knowledge of vulnerability management tools - Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services. Full-stack knowledge of IT infrastructure : o - Applications - Databases - Operating systems Windows, Unix and Linux - Hypervisors - IP networks WAN and LAN - Storage networks Fibre Channel, iSCSI and NAS - Backup networks and media - Direct experience designing IAM technologies and services: - Active Director - Lightweight Directory Access Protocol (LDAP) - Amazon Web Service (AWS) IAM Strong working knowledge of IT service management (e.g., ITIL-related disciplines) : - Change management - Configuration management - Asset management - Incident management - Problem management Experience designing the deployment of applications and infrastructure into public cloud services. Desirable: Experience of working in Financial Services. Engineering Graduate. TOGAF Certified or equivalent Knowledge of the below standards o Payment Card Industry Data Security Standard (PCI-DSS) o HIPAA-HITECH o Validated Systems (e.g., GAMP) o Sarbanes-Oxley o General Data Protection Regulation (GDPR) o Privacy Practices o ISO 27001/2 o NIST Cyber security Framework (CSF) o ITAR (ref:hirist.tech)

Location: mumbai, IN

Posted Date: 2/14/2025