Senior Security Architect & Engineer
Start
31-05-2025
Duration
7-9 months
Summary
We are seeking a hands-on Security Architect & Engineer who blends strategic thinking with deep technical expertise. This hybrid role involves designing secure architectures, implementing security controls, and actively supporting security operations across IT and cloud environments. The ideal candidate can define long-term security strategies while also being deeply engaged in day-to-day engineering and incident response activities.
Main Responsibilities
- Security Architecture
- Design secure, scalable architectures that align with business goals and regulatory requirements.
- Design security solutions that integrate seamlessly with existing IT systems both internally and for our customers.
- Evaluate and recommend security technologies, frameworks, and practices across IT, OT, and cloud.
- Ensure implementation of access control and identity management, including least privilege, RBAC, MFA, and SSO controls.
- Security Engineering
- Apply secure configuration baselines and hardening across operating systems, databases, and cloud environments.
- Automate security processes where possible to improve efficiency and reduce manual overhead.
- Support performing security and vulnerability assessments.
- Support IT teams in implementing patches.
- Support infrastructure-as-code and DevSecOps practices in CI/CD pipelines.
- Security Operations
- Collaborate with SOC and IT teams to detect, investigate, and respond to security incidents.
- Support threat hunting, root cause analysis, and post-incident improvement efforts.
- Maintain and evolve incident response and disaster recovery plans.
- Risk, Compliance & Governance
- Identify and assess security risks associated with IT systems and develop strategies to mitigate these risks.
- Develop, document, and enforce security policies, standards, and procedures.
- Conduct risk assessments and implement risk mitigation measures and monitor their effectiveness.
- Ensure compliance with frameworks and regulations such as NIS2, GDPR, ISO 27001, NIST, IEC 62443.
- Provide security input into vendor and third-party assessments.
- Stay informed about emerging regulatory requirements and adjust security architecture accordingly.
- Collaboration & Communication
- Act as a trusted advisor to internal teams on security best practices and secure solution design.
- Translate complex security topics into actionable guidance for both technical and business stakeholders.
- Participate in architecture boards, project reviews, and security steering committees.
- Key Requirements
- Bachelor’s degree in Information Security, Computer Science, or a related technical field.
- 8–12 years of cybersecurity experience, with both architectural and hands-on engineering background.
- Demonstrated experience in designing and implementing IT/cloud security architectures.
- Strong working knowledge of Microsoft Azure, AWS, or OCI security services.
- Working knowledge in regulatory compliance requirements e.g., NIS2, GDPR.
- Practical experience with tools such as SIEM, EDR, vulnerability scanners, and cloud-native controls.
- Knowledge of IAM concepts including SSO, MFA, PAM, and access reviews.
- Strong understanding of regulatory frameworks (NIS2, GDPR, ISO 27001, IEC 62443).
- Familiarity with GRC tools and security and risk assessment methodologies.
- Relevant certifications a plus: CISSP, CISM, CEH or similar.
- Nice to Have
- Advanced knowledge in cloud security architecture and best practices.
- Experience with automation tools and scripting to enhance security processes.
Other Details
This role may involve remote work options and requires collaboration across various teams in a fast-paced environment. The successful candidate will have the chance to work on critical security initiatives.
Yashashwini Murugan
Recruiter
+91 8049744844
Apply Job!