Job Description

Description :


We are seeking a highly skilled and experienced Security Architect to join our team. The ideal candidate will be responsible for designing, implementing, and managing security architectures to protect our organization's data, systems, and infrastructure. This role involves ensuring the confidentiality, integrity, and availability of data through proactive risk management, security strategy development, and implementation of security protocols.


No of Vacancies:


• 1

Experience:


• 5+ years

Qualification:


• B.Tech/ B.E./ MCA or higher in a related field
Location:


• Expected to travel and be stationed across various States in India as per project requirement.
Skills/Requirements :


• Expertise in configuring and managing firewalls, VPNs, IDS/IPS systems and security policies to protect internal networks.
• Strong understanding of encryption algorithms (AES, RSA, SSL/TLS) and key management strategies for ensuring data confidentiality and integrity.
• Proficiency in endpoint security solutions such as antivirus, EDR (Endpoint Detection and Response) and mobile device management.
• Expertise in IAM solutions, including role-based access control (RBAC), Multi-Factor Authentication (MFA), and Single Sign-On (SSO) protocols (e.g., LDAP, OAuth, SAML).
• Experience with SIEM tools (e.g., Splunk, LogRhythm, IBM QRadar) to monitor, detect, and respond to security events across systems.
• Knowledge of tools that monitor network and system activities for malicious activity or policy violations.
• Expertise in securing cloud environments by configuring identity and access management, encryption, and network security solutions specific to cloud platforms.
• Experience with securing containerized applications, microservices, and serverless architectures (e.g., Docker, Kubernetes).
• Familiarity with cloud security solutions such as AWS Security Hub, Azure Security Center, and Google Cloud Security Command Center.
• Knowledge of industry regulations and standards (e.g., GDPR, HIPAA, PCI-DSS, SOC 2, ISO 27001), and the ability to design security systems that ensure compliance.
• Expertise in designing secure network architectures, including segmentation, firewalls, VPNs, and intrusion detection systems.
• In-depth understanding of network protocols such as TCP/IP, DNS, HTTP/HTTPS, IPsec, and SSL/TLS to secure data transmissions.
• Familiarity with penetration testing techniques and tools (e.g., Kali Linux, Metasploit) to identify vulnerabilities in systems and applications.
• Ability to design disaster recovery (DR) and business continuity plans (BCP) to minimize the impact of security incidents and ensure quick recovery.
• Knowledge of automating security processes using tools like Ansible, Terraform, and Puppet to implement continuous security throughout the development and deployment pipeline.
• Familiarity with embedding security practices into DevOps workflows, ensuring security controls are applied during the software development lifecycle (SDLC).
Qualification:


• B.Tech/ B.E./ MCA or higher in a related field.
• Any leading certification in IT security architect.
• At least 5 years of experience in solutioning of IT based security for large IT/ITeS projects in the role of security architect (projects in Government Sector/Public Sector/Private Sector).
• Fluency in English and Hindi (Speaking, reading & writing).
Responsibilities:



Security Architecture Design and Implementation:




• Develop, design, and implement comprehensive security architectures for the organization's IT infrastructure, including networks, cloud systems and on-premises environments.
• Define security strategies, frameworks and roadmaps to ensure alignment with business objectives while minimizing security risks.
• Oversee the seamless integration of security solutions such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS) and endpoint protection into the organization's existing systems and applications.


Risk Management and Threat Analysis:




• Conduct risk assessments to identify and evaluate potential vulnerabilities and threats in the organization's IT environment, both current and in future projects.
• Create threat models for various systems and applications, identifying possible attack vectors and recommending appropriate countermeasures.
• Design and implement strategies to mitigate identified risks, including recommending appropriate security controls and technologies.


Security Policies and Compliance:




• Establish and enforce security policies, procedures, and standards based on industry best practices and regulatory requirements.
• Ensure that security solutions and architectures meet relevant regulatory and industry standards, such as GDPR, HIPAA, PCI-DSS, SOC 2, etc.
• Conduct periodic security audits and assessments to evaluate compliance with established security standards and policies. Implement continuous monitoring to detect anomalies and security breaches.


Security Infrastructure Management:




• Oversee the design and implementation of secure network architectures ensuring secure communication and data exchange both internally and externally.
• Develop and manage Identity Access Management frameworks to control user access to critical systems, ensuring appropriate authorization, authentication and auditing procedures are followed.
• Evaluate, deploy and maintain security tools such as firewalls, antivirus software, vulnerability management tools, encryption solutions, and security information and event management (SIEM) systems.


Incident Response and Recovery:




• Develop and implement an incident response plan to quickly address and mitigate the impact of security incidents or breaches.
• Act as a lead during security incidents, providing technical expertise and guidance on how to contain, investigate, and resolve security breaches.
• Ensure the organization has a disaster recovery and business continuity plan those accounts for security threats, providing a blueprint for maintaining essential operations during and after a breach.


Security Awareness and Training:




• Lead initiatives to educate and train employees on security best practices, data protection and threat awareness.
• Develop and run regular security awareness campaigns and initiatives to ensure that the organization's staff understand emerging threats and how to mitigate them.


Collaboration with IT and Business Units:




• Work closely with other IT and business teams to integrate security into every aspect of IT infrastructure, software development and operational processes.
• Collaborate with system designers, network engineers and developers to design secure systems and applications from the start, incorporating security at all stages of the development lifecycle.


Research and Evaluation of Emerging Technologies:




• Stay updated on emerging security technologies, industry trends, and new threats, ensuring that the organization's security posture evolves accordingly.
• Propose and evaluate innovative security solutions that improve existing security processes and reduce exposure to evolving threats.


Documentation and Reporting:




• Maintain comprehensive documentation for all security-related designs, policies, and procedures to ensure clarity, consistency, and auditability.
• Provide regular reports on the status of security initiatives, risk assessments, incidents, and compliance audits to senior management and stakeholders.


Posted On :


Dec 17, 2024
Last date of Submission :


Jan 15, 2025