Senior Security Architect

About the RoleWe are seeking a Security Architect to design, implement, and maintain secure enterprise systems that protect our organisation’s critical assets. You’ll serve as the technical leader and strategic advisor on all security aspects from architecture design and implementation to incident response readiness.This is a hands-on, high-impact role for someone who thrives on solving complex security challenges and wants to shape the future of our Cloud/Platform security strategy.Job DescriptionRole : Security ArchitectRole Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.Must have skills : Pentest design and implementation. AWS Security, Network and Workload hosting services. EKS, ECS workload security.Minimum experience: 8 yearsSummary:We are looking for an experienced and detail-oriented Security Delivery Specialist to support the planning, implementation, and delivery of cybersecurity services primarily across AWS, GitHub, Docker based platforms. The candidate will have practical expertise in DevSecOps, AWS based security best practices design and implementation. Terraform and Serverless architecture knowledge will play a key role in delivering secure, scalable, and compliant security solutions.Roles & responsibilities:• Design and Implement PenTest security solutions and automation for EKS/ECS based Banking and Financial sector applications.• Play a security advisor role. Guide the Dev and Cloud teams to implement industry best Code quality practices.• Improve the Static Code Scan quality. Optimise GitHub repo scans and Docker Image scans. Implement Zero trust practices.• Study the market standard security pipeline tools. Recommend the best practices and guidelines to the management. Introduce new and more relevant tools to the current pipeline.• Translate business and technical requirements into well-architected security solutions and support delivery from design to deployment.• Configure and fine-tune the deployment architecture, End-to-End security automation workflows, alerts, and monitoring.• Coordinate with engineering, operations, and risk teams to ensure consistent and secure delivery of services.•Ensure adherence to industry standards (ISO 27001, NIST, PCI-DSS, SOC2) and regulatory requirements (RBI, GDPR, etc.).•Conduct periodic security reviews, audits, and risk assessments.•Implement and oversee endpoint and workload protection strategies across developer, build, and production environments.•Ensure endpoints (developer laptops, jump hosts, CI/CD agents) comply with organizational security baselines (anti-malware, disk encryption, posture checks).•Integrate EDR/XDR solutions (e.g., CrowdStrike, SentinelOne, Defender for Endpoint) with central monitoring and SIEM systems.•Define and enforce policies for endpoint hardening, patch management, and vulnerability remediation.• Create technical documentation, deployment guides, playbook, and knowledge transfer materials for clients and internal teams.• Collaborate with Development Leads, Delivery Leads and Stakeholders to ensure timely and successful delivery of security services.• Contribute to continuous improvement initiatives and automation of security best practices.Professional & Technical Skills:• Strong stakeholder engagement and collaboration capabilities.• Excellent organizational and project coordination skills.• Ability to clearly communicate technical information to both technical and non-technical audiences.• Proactive mindset with a focus on security service quality and consistency.• Experience working in delivery frameworks such as Agile, ITIL.• Able to manage key vault and secret rotation AWS Devops, Github, CICD, Terraform.• Design and maintain cloud security architecture primarily on AWS, with awareness of Azure/GCP frameworks.• Integrate security controls in CI/CD pipelines (GitHub Actions, Jenkins, GitLab CI, etc.).• Automate security testing (SAST, DAST, container scans, IaC scans) as part of DevSecOps workflows.• Strong understanding of incident response and threat management.• Experience with security monitoring tools and technologies.• Familiarity with scripting, infrastructure-as-code, and automation tools is a plus.• Required active participation/contribution in solution discussions• Experience in designing and implementing security solutions.• Implement and operationalize Modification Detection Code (MDC) for cloud security posture management and workload protection.• Knowledge of network security protocols and best practices.