Security Architecture and Engineering

1 week ago


Bengaluru, India Theomnihire Full time

Job Description

Main Purpose of the Role:

The Cyber Security Architect is responsible for defining, designing, and governing secure architecture standards across the enterprise. The role ensures that all technology solutions, IT projects, cloud platforms, and cybersecurity tools align with the organization’s security strategy, regulatory expectations, and risk management frameworks. The Architect acts as the senior security advisor for delivery teams, evaluates new solutions, drives integration of security technologies, and provides SME guidance on core cybersecurity domains and enterprise tools.

Key Responsibilities:

Security Architecture & Design

· Develop, maintain, and publish enterprise security architecture standards, patterns, reference models, and future-state architecture roadmaps.
· Embed security architecture principles across cloud, on-prem, application, data, network, and endpoint environments.
· Review project solution designs and provide approved secure architecture recommendations including cloud security, segmentation, encryption, and monitoring requirements.
· Translate business and technology needs into secure, scalable, compliant, and cost-effective designs.
· Support secure-by-design adoption across projects, platforms, and engineering teams.

Technology Governance & Assurance

· Conduct architectural assessments, design reviews, and security evaluations for new initiatives and major IT changes.
· Validate the configuration and integration of enterprise cybersecurity tools against architectural standards.
· Ensure adherence to regulatory and compliance frameworks (ISO 27001, NIST CSF, CIS, GDPR, RBI/SEBI guidelines, etc.).
· Maintain alignment with enterprise architecture, global cybersecurity strategy, and risk appetite.

Cybersecurity SME – Domain Expertise

Provide deep subject-matter expertise across all core cybersecurity domains and associated security tools/platforms. The role ensures end-to-end architectural coverage, tool alignment, and technical leadership across the following:

· Cloud Security (AWS, Azure, GCP): Architect secure cloud landing zones, policies, identity models, segmentation, and monitoring using Prisma Cloud, Wiz, Microsoft Defender for Cloud, AWS Security Hub, cloud-native firewall & IAM services, and container security platforms.
· Endpoint & Workload Protection: Design endpoint security baseline, detection models, and threat prevention architecture using EDR/XDR platforms such as CrowdStrike, Microsoft Defender, SentinelOne, and OS hardening frameworks.
· Network & Perimeter Security: Architect secure network topology, segmentation, and threat prevention using Palo Alto, Fortinet, Cisco Firewalls, Proxies, VPN, DNS Security, Zero Trust edge, and IDS/IPS technologies.
· Application & API Security: Define secure application architecture, threat modeling, DevSecOps integration, and application protection using WAFs, API Gateways, SAST/DAST tools and API security platforms.
· Data Security, Encryption & Governance: Design enterprise data protection models including encryption, DLP, data classification, tokenization, key management using DLP suites, CASB, KMS, HSMs, and data access governance tools.
· Zero Trust Architecture: Lead organization-wide adoption of Zero Trust principles such as identity-first access, micro-segmentation, continuous validation, session risk scoring, and telemetry-driven decisions across cloud, network, and applications.

Stakeholder Engagement & Advisory

· Work as a trusted advisor to IT, Security, Cloud, Infrastructure, Application, and Business teams.
· Conduct architectural walkthroughs and provide guidance to project managers, technical engineers, and operations teams.
· Support vendor evaluations and conduct security due diligence on third-party solutions.

Documentation & Communication

· Produce architecture blueprints, HLD/LLD documents, security patterns, and integration diagrams.
· Document design gaps, risks, mitigations, and deliver clear technical recommendations.
· Maintain security reference architectures and reusable templates for enterprise-wide use.

Requirements

Skills and Experience:

· Education and Experience:
  o Strong secondary-level education is required, ideally to A-level or equivalent standard, in a technical or analytical discipline.
  o A university degree is not essential, though a qualification in Cyber Security, Information Technology, Risk Management, or a related field would be considered advantageous.
  o 8+ years of experience in cyber security or information security roles.
· Knowledge and Skills:
  o Strong understanding of enterprise security architecture, frameworks, and best practices.
  o Expertise across cybersecurity domains such as cloud, network, endpoint, application, data security, and monitoring.
  o Experience with security tools and platforms for data, endpoint protection and cloud security.
  o Knowledge of risk assessment and secure design principles.
  o Ability to design secure architectures, review solutions, and provide guidance to technical teams.

Success Measures

  o Timely review and approval of project architectures for security compliance.
  o Effective integration and optimization of security tools across domains.
  o Mitigation of identified risks through architecture guidance.
  o Adoption of secure design principles and Zero Trust practices.

· Soft Skills:
  o Strong communication skills to translate complex technical concepts to executives, business, and technical teams.
  o Excellent stakeholder management and influencing skills across cross-functional teams.
  o Strategic thinking and problem-solving to make risk-based decisions.
  o Leadership & mentoring: guiding junior architects and cybersecurity engineers.
  o Collaboration skills for working with IT, Cloud, Security Operations, Application, and Project teams.
  o Strong analytical skills for evaluating technologies, risks, and architectural trade-offs.
· Certifications (Nice to have)
  o Security certifications: CISSP, CCSP, CISM, CEH, GCP/Azure/AWS Security Specialty, or any relevant architecture certification.

Desired but not necessary:

· Exposure to Zero Trust initiatives, SASE, DevSecOps, threat modeling frameworks, and container security.
· Familiarity with automation (Python, PowerShell, Terraform), IaC security, and CI/CD pipelines.

Personal Requirements:

· Excellent communication skills
· Results driven, with a strong sense of accountability
· A proactive, motivated approach.
· The ability to operate with urgency and prioritise work accordingly
· Strong decision making skills, the ability to demonstrate sound judgement
· A structured and logical approach to work
· Strong problem solving skills
· A creative and innovative approach to work
· Excellent interpersonal skills
· The ability to manage large workloads and tight deadlines
· Excellent attention to detail and accuracy
· A calm approach, with the ability to perform well in a pressurised environment

Requirements

Technical Competencies

Required Skills (Must Have)

Security Operations:

· 3-5 years experience in SOC, threat detection, or incident response
· Proficiency with SIEM platforms (Splunk, ArcSight, QRadar, or similar)
· Hands-on experience with EDR solutions (CrowdStrike, Microsoft Defender, SentinelOne)
· Strong understanding of security frameworks (MITRE ATT&CK, NIST Cybersecurity Framework)
· Knowledge of incident response processes and procedures
· Experience with security monitoring tools and techniques

Technical Knowledge:

· Strong understanding of networking (TCP/IP, DNS, HTTP/HTTPS, VPN, firewalls)
· Windows and Linux system administration fundamentals
· Knowledge of common attack vectors and threat landscape
· Ability to read and interpret logs (Windows Event Logs, Syslog, firewall logs, web logs)
· Understanding of malware analysis concepts (static vs. dynamic analysis)
· Basic scripting knowledge (Python, Bash, or PowerShell) for automation tasks

Analytical Skills:

· Excellent analytical and problem-solving abilities
· Strong attention to detail and accuracy
· Ability to work through complex investigations methodically
· Data-driven decision making
· Pattern recognition and anomaly detection capabilities

Communication & Documentation:

· Excellent written communication for incident reports and escalations
· Ability to clearly explain technical findings to non-technical stakeholders
· Strong documentation and note-taking practices
· Clear verbal communication with team members and other departments

Desired Skills (Nice to Have)

· Threat Intelligence: Experience consuming and applying threat intelligence
· Advanced Forensics: Digital forensics or malware analysis experience
· Automation: Experience with Python, Ansible, or similar for playbook automation
· Cloud Security: Experience with AWS, Azure, or GCP security monitoring
· Certifications: GIAC Security Essentials (GSEC), CEH, Security+, CISSP, or similar
· Incident Response: Prior incident response team experience
· Vulnerability Management: Experience with vulnerability assessment and remediation
· Compliance: Knowledge of compliance frameworks (PCI-DSS, HIPAA, SOC 2, ISO 27001)


