Application Security Architect

Job Title : Application Security Architect (GCP)

Company : TekDoors Inc.

Location : Bengaluru, Karnataka, India

About TekDoors Inc.

At TekDoors Inc., we believe that security is a top priority for our business, our partners, and our customers. As cyber-attacks increase and compliance is more rigorously enforced, we are constantly looking to stay ahead of evolving threats and protect our business and future. We are dedicated to leveraging the latest technology and fostering a collaborative environment to build secure and resilient solutions.

About the Role :

We are seeking a highly skilled and dedicated Application Security Architect with expertise in Google Cloud Platform (GCP) to join our dynamic security team. In this critical role, you will be instrumental in designing, implementing, and maintaining robust security architectures for our applications hosted on GCP. You will be at the forefront of identifying emerging threats, proactively developing solutions, and ensuring our systems are secure against evolving cyber risks. If you are passionate about cybersecurity, possess deep knowledge of GCP security services, and are driven to protect sensitive data and infrastructure, we encourage you to apply.

Key Responsibilities :

As an Application Security Architect (GCP) at TekDoors Inc., you won't just see the problem coming, you'll see the solution. While no two days are the same due to the dynamic nature of cyber threats, here are some core responsibilities you can count on :

Security Architecture Design & Implementation :

- Design, develop, and implement secure application architectures within the Google Cloud Platform (GCP) environment.

- Lead the integration of security into the entire Software Development Life Cycle (SDLC) from design to deployment.

- Define and enforce security best practices, standards, and guidelines for application development and deployment on GCP.

- Evaluate and recommend new security technologies and solutions to enhance our application security posture on GCP.

Threat Modeling & Risk Assessment :

- Conduct comprehensive threat modeling and risk assessments for applications and systems hosted on GCP.

- Identify potential vulnerabilities and design weaknesses in application architecture and propose effective mitigation strategies.

- Collaborate with development teams to ensure security is built into the application from the ground up.

Security Controls & Compliance :

- Implement and manage security controls relevant to GCP services, including Identity and Access Management (IAM), network security (VPC, firewall rules), data encryption, and logging/monitoring.

- Ensure applications and infrastructure on GCP comply with relevant industry standards, regulations, and internal security policies (e.g., GDPR, SOC 2, ISO 27001).

- Assist in external audits and compliance efforts related to GCP security.

Vulnerability Management & Remediation :

- Work closely with development and operations teams to identify, prioritize, and remediate security vulnerabilities in applications and infrastructure.

- Provide expert guidance on secure coding practices and vulnerability remediation techniques.

- Participate in security incident response activities as needed, providing architectural insights and support.

Mentorship & Knowledge Sharing :

- Serve as a subject matter expert in GCP application security, mentoring and guiding development teams on secure coding and cloud security best practices.

- Conduct security training and awareness programs for engineers and other stakeholders.

- Stay abreast of the latest security trends, vulnerabilities, and emerging threats in the cloud security landscape, particularly within GCP.

Tooling & Automation :

- Evaluate, implement, and integrate security tools for static analysis (SAST), dynamic analysis (DAST), and cloud security posture management (CSPM) within the GCP environment.

- Promote and implement automation for security tasks and controls in CI/CD pipelines.

Required Skills & Experience :

Experience :

- Proven experience as an Application Security Architect or a similar senior security role.

- Extensive hands-on experience with security architecture and implementation within Google Cloud Platform (GCP).

- Demonstrated experience in threat modeling, risk assessments, and vulnerability management.

- Experience working across the entire SDLC with a strong focus on integrating security.

Technical Expertise :

- Deep understanding of GCP security services and features (e.g., Cloud IAM, VPC Service Controls, Cloud Security Command Center, Cloud Key Management Service, Cloud Armor, Security Health Analytics, etc.).

- Strong knowledge of application security principles, secure coding practices, and common web application vulnerabilities (OWASP Top 10).

- Proficiency in security best practices for containers (e.g., Docker, Kubernetes, GKE).

- Familiarity with scripting languages (e.g., Python, Go) for automation of security tasks.

- Knowledge of network security concepts (firewalls, WAFs, IDS/IPS, VPNs) in a cloud environment.

Compliance & Standards :

- Solid understanding of relevant security frameworks and compliance standards (e.g., NIST, ISO 27001, SOC 2, PCI DSS).

- Familiarity with data privacy regulations (e.g., GDPR, CCPA).

Soft Skills :

- Exceptional analytical and problem-solving skills with a proactive approach to identifying and mitigating security risks.

- Strong leadership and mentorship abilities, with the capacity to influence and motivate technical teams.

- Excellent communication skills, both written and verbal, with the ability to articulate complex security concepts to technical and non-technical stakeholders.

- Ability to work independently and as part of a collaborative team in a fast-paced environment.

- Strong documentation skills for architectural designs, security policies, and procedures.

Education & Certifications :

- Bachelor's degree in Computer Science, Information Security, or a related field.

- Relevant industry certifications such as Google Cloud Professional Security Engineer, CISSP, CSSLP, CCSP, or equivalent are highly desirable.

Why Join TekDoors Inc.?

This is an unparalleled opportunity to secure your career at a company where your expertise in cloud security will directly impact our business and future. You will be part of a forward-thinking team dedicated to innovation and excellence in cybersecurity. We offer a challenging yet rewarding environment where you can continuously learn, grow, and make a significant difference.