Security Architect
1 day ago
Role Summary Work with us to build modern Insurtech AI underpinned solutions, we are a growing team of hands on architects striving to build high quality solutions for our internal and external customers. The Security Architect designs and implements security architectures across the Xceedance insurance ecosystem, establishing security standards, conducting threat modeling, and ensuring systems are designed with security-first principles including Zero Trust, defense in depth, and compliance with regulatory requirements in the insurance industry. Key Responsibilities Security Architecture & Design - Designs comprehensive security architectures for cloud-native, hybrid, and on-premises environments spanning applications, infrastructure, networks, and data platforms using Microsoft Azure as primary platform. Develops reference architectures and security blueprints for common patterns including microservices, APIs, data lakes, and AI/ML workloads. Conducts threat modeling exercises using STRIDE, PASTA, and LINDDUN frameworks to identify security risks during design phase. Performs security architecture reviews and assessments of existing systems, applications, and infrastructure components ensuring alignment with enterprise security standards and regulatory requirements. Zero Trust & Identity Security - Designs and implements Zero Trust security architectures based on never trust, always verify principles including micro-segmentation, least privilege access, and continuous verification. Architects enterprise identity and access management (IAM) solutions using Azure Active Directory/Entra ID, SSO, federation, and privileged access management (PAM). Designs authentication and authorization frameworks supporting SAML, OAuth 2.0, OpenID Connect, and modern authentication protocols. Implements multi-factor authentication (MFA), risk-based conditional access policies, and passwordless authentication strategies. Designs role-based access control (RBAC) and attribute-based access control (ABAC) models aligned with least privilege principles. Cloud Security Architecture - Architects security controls and guardrails for Azure, AWS, and GCP covering compute, storage, networking, and platform services. Designs cloud-native security patterns including service mesh security, container security (Kubernetes RBAC, pod security policies), and serverless security. Implements network security groups (NSGs), web application firewalls (WAF), DDoS protection, and cloud access security brokers (CASB). Designs secure landing zones, hub-and-spoke network topologies, and network segmentation strategies for multi-tenant environments. Establishes cloud security posture management (CSPM) and cloud workload protection platforms (CWPP) ensuring continuous compliance. Application Security - Integrates security into software development lifecycle (SDLC) embedding security practices in CI/CD pipelines through DevSecOps and shift-left security. Defines secure coding standards based on OWASP Top 10, SANS Top 25, and industry best practices. Designs security testing strategies incorporating static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), and interactive application security testing (IAST). Architects secrets management solutions using Azure Key Vault, HashiCorp Vault, or AWS Secrets Manager protecting API keys, certificates, and credentials. Designs API security frameworks including API gateways, rate limiting, input validation, and API threat protection. Security Operations & Monitoring - Designs security monitoring and incident detection architectures using SIEM platforms including Microsoft Sentinel, Splunk, IBM QRadar , or Elastic Security. Architects security orchestration, automation, and response (SOAR) platforms automating incident response workflows and playbooks. Designs logging and log aggregation strategies ensuring comprehensive visibility across applications, infrastructure, and cloud platforms. Implements threat intelligence platforms integrating threat feeds to enable proactive threat detection and hunting. Designs incident response architectures including forensic capabilities, evidence collection, and chain of custody procedures. Compliance, Risk & Governance - Ensures security architectures comply with regulatory requirements including GDPR, HIPAA, PCI-DSS, SOC 2, ISO 27001, NIST frameworks, and insurance-specific regulations (Solvency II, state insurance regulations). Conducts security risk assessments developing risk mitigation strategies aligned with business objectives and risk appetite. Designs security governance frameworks including security policies, standards, procedures, and guidelines. Establishes security metrics and KPIs measuring effectiveness of security controls and demonstrating continuous improvement. Collaborates with compliance, legal, and audit teams ensuring security architectures meet regulatory and contractual obligations. Data Protection & Encryption - Designs data protection architectures including encryption at rest, encryption in transit, and data loss prevention (DLP) strategies. Architects key management systems and certificate management solutions ensuring proper key lifecycle management. Designs data classification frameworks implementing data sovereignty requirements for multi-region deployments. Implements privacy-by-design principles and privacy-enhancing technologies (PETs) protecting sensitive and personally identifiable information (PII) critical in insurance operations. Network Security - Designs network security architectures implementing network segmentation, DMZs, and secure connectivity patterns. Architects firewall strategies, intrusion detection/prevention systems (IDS/IPS), and network access control (NAC) solutions. Designs secure remote access including VPN, zero trust network access (ZTNA), and software-defined perimeter (SDP) approaches. Implements DDoS mitigation strategies and content delivery network (CDN) security. Collaboration & Leadership - Works with enterprise architects, solutions architects, DevOps engineers, developers, and business stakeholders to embed security into all initiatives. Mentors security engineers and development teams on security best practices and secure design patterns. Leads security architecture reviews, design discussions, and technical working groups. Communicates complex security concepts and risks to executive leadership and non-technical stakeholders. Stays current with emerging threats, vulnerabilities, attack vectors, and evolving security technologies through continuous learning and industry engagement. Required Skills Security Frameworks & Standards - NIST Cybersecurity Framework, ISO 27001/27002, CIS Controls, OWASP Top 10, SANS Top 25, Zero Trust Architecture (NIST SP 800-207), PCI-DSS, HIPAA, GDPR, and insurance regulatory frameworks. Identity & Access Management - Azure Active Directory/Entra ID, SSO implementations, SAML/OAuth 2.0/OpenID Connect, multi-factor authentication (MFA), privileged access management (PAM), RBAC/ABAC models, identity governance, and passwordless authentication. Cloud Security - Azure Security Center, Microsoft Defender for Cloud, AWS Security Hub, Google Security Command Center, CASB solutions, network security groups, web application firewalls, container security, Kubernetes security, and cloud-native security tools. Application Security - Secure SDLC practices, threat modeling (STRIDE, PASTA, LINDDUN), SAST tools (SonarQube, Checkmarx , Fortify), DAST tools (OWASP ZAP, Burp Suite), SCA tools ( Snyk , WhiteSource ), secrets management (Azure Key Vault, HashiCorp Vault), and API security. Security Operations - SIEM platforms (Microsoft Sentinel, Splunk, IBM QRadar , Elastic Security), SOAR platforms, EDR/XDR solutions, threat intelligence platforms, log analysis, incident response frameworks, and forensic tools. Network Security - Firewall technologies (next-gen firewalls, Azure Firewall), IDS/IPS systems, network segmentation, VPN technologies, ZTNA solutions, DDoS mitigation, and secure network design. Encryption & Data Protection - Encryption protocols (TLS/SSL, IPSec), key management systems, certificate authorities, data loss prevention (DLP), data classification, tokenization, and data masking techniques. Required Experience Eight or more years in cybersecurity, security engineering, or security architecture roles with three years designing enterprise security architectures. Proven experience architecting security solutions on Microsoft Azure with deep understanding of cloud security principles and patterns. Track record conducting threat modeling exercises, performing security architecture reviews, and achieving compliance certifications (SOC 2, ISO 27001, PCI-DSS). Experience in insurance or financial services environments with understanding of regulatory requirements and sensitive data protection. Evidence of implementing Zero Trust architectures, designing identity and access management solutions, and establishing security governance frameworks. Experience leading security incident response, conducting vulnerability assessments, and implementing security monitoring solutions. Required Certifications CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CCSP (Certified Cloud Security Professional), Microsoft Certified: Security Operations Analyst Associate or Azure Security Engineer Associate. Valuable additions: CEH (Certified Ethical Hacker), SANS GIAC certifications (GIAC Security Essentials, GCIH, GPEN), OSCP (Offensive Security Certified Professional), CISA (Certified Information Systems Auditor). Key Competencies Insurance Domain Security - Understanding insurance data sensitivity (PII, claim data, financial information), regulatory requirements (state insurance regulations, Solvency II, GDPR, CCPA), industry-specific threats, and common insurance platform security considerations. Technical Leadership - Leading security architecture reviews, establishing security standards, mentoring security engineers and developers, communicating risks to executive leadership, and balancing security with business enablement. Risk Management - Conducting security risk assessments, developing risk treatment plans, communicating security risks in business terms, and aligning security investments with risk appetite and business objectives. Innovation & Continuous Learning - Staying current with threat landscape, emerging attack vectors, new security technologies, zero trust maturity, and evolving regulatory requirements driving continuous improvement of security posture. . Skillset Required: Proactive, Clo, Rails, Cpa, Cro, Risk Assessment, Cto, Ccsp, Microsoft Azure, Dos, Loss Prevention, Networking, Iso 27001, Devops, Enterprise Architect, Insurance Industry, Blueprints, Azure, Vat, Contractual Obligations, Oauth, Vpn, Erp, Ned, Information Security, Risk Management, Certified Cloud Security Professional, Sdlc, Visio, Technical Work, Insurtech, Assessments, Design Patterns, Application Security, Compliance, Agile, Vault, Mentoring, Testing Strategies, Workflow, Leadership, Iam, Forensic, Cloud Platforms, Productive, Aws, Identity And Access Management, Soa, Cybersecurity, Design Principles, Splunk, Software Development
-
Security Architect
3 weeks ago
Noida, India HCLTech Full timePosition: MSI Security Architect – E4Primary Skill SetExperience: Minimum 14+ years in implementing security tools and designing solutions across Perimeter Security , Endpoint Security , and Cloud Security .Technical ExpertiseHands-on implementation experience with multiple security tools, including but not limited to:Perimeter Security: Firewalls (Palo...
-
Security Architect
3 weeks ago
Noida, India HCLTech Full timePosition: MSI Security Architect – E4Primary Skill SetExperience: Minimum 14+ years in implementing security tools and designing solutions across Perimeter Security, Endpoint Security, and Cloud Security.Technical ExpertiseHands-on implementation experience with multiple security tools, including but not limited to: Perimeter Security: Firewalls (Palo...
-
Security Architect
3 weeks ago
Noida, India HCLTech Full timePosition: MSI Security Architect – E4Primary Skill SetExperience: Minimum 14+ years in implementing security tools and designing solutions across Perimeter Security, Endpoint Security, and Cloud Security.Technical ExpertiseHands-on implementation experience with multiple security tools, including but not limited to: Perimeter Security: Firewalls (Palo...
-
Security Architect
3 weeks ago
Noida, India HCLTech Full timePosition: MSI Security Architect – E4 Primary Skill Set - Experience: Minimum 14+ years in implementing security tools and designing solutions across Perimeter Security, Endpoint Security, and Cloud Security. Technical Expertise - Hands-on implementation experience with multiple security tools, including but not limited to: - Perimeter Security: Firewalls...
-
Senior Security Architect
14 hours ago
Noida, Uttar Pradesh, India Sumo Logic Full timeTitle: Security Architect Location: Noida (Hybrid)Role OverviewThe Security Architect is responsible for designing the security foundations, patterns, and guardrails that protect Sumo Logic's infrastructure, applications, data, and cloud environments. This role sits at the intersection of engineering and security, ensuring our systems scale safely while...
-
Security Architect
1 day ago
Noida, India r3 Consultant Full timeRequired Skills Security Frameworks & Standards - NIST Cybersecurity Framework, ISO 27001/27002, CIS Controls, OWASP Top 10, SANS Top 25, Zero Trust Architecture (NIST SP 800-207), PCI-DSS, HIPAA, GDPR, and insurance regulatory frameworks. Identity & Access Management - Azure Active Directory/Entra ID, SSO implementations, SAML/OAuth 2.0/OpenID Connect,...
-
Security Architect
2 days ago
Noida, India r3 Consultant Full timeRequired Skills Security Frameworks & Standards - NIST Cybersecurity Framework, ISO 27001/27002, CIS Controls, OWASP Top 10, SANS Top 25, Zero Trust Architecture (NIST SP 800-207), PCI-DSS, HIPAA, GDPR, and insurance regulatory frameworks. Identity & Access Management - Azure Active Directory/Entra ID, SSO implementations, SAML/OAuth 2.0/OpenID Connect,...
-
Security Architect
2 days ago
Noida, India r3 Consultant Full timeRequired Skills Security Frameworks & Standards - NIST Cybersecurity Framework, ISO 27001/27002, CIS Controls, OWASP Top 10, SANS Top 25, Zero Trust Architecture (NIST SP 800-207), PCI-DSS, HIPAA, GDPR, and insurance regulatory frameworks.Identity & Access Management - Azure Active Directory/Entra ID, SSO implementations, SAML/OAuth 2.0/OpenID Connect,...
-
Security Architect
8 hours ago
Noida, India r3 Consultant Full timeRequired SkillsSecurity Frameworks & Standards - NIST Cybersecurity Framework, ISO 27001/27002, CIS Controls, OWASP Top 10, SANS Top 25, Zero Trust Architecture (NIST SP 800-207), PCI-DSS, HIPAA, GDPR, and insurance regulatory frameworks.Identity & Access Management - Azure Active Directory/Entra ID, SSO implementations, SAML/OAuth 2.0/OpenID Connect,...
-
Enterprise Security Architect
4 days ago
Noida, India HCLTech Full timeAbout the RoleThe Enterprise Security Architecture Reviewer (ESAR) is a governance-focused role responsible for evaluating and validating security architecture designs across enterprise IT initiatives. This position ensures alignment with organizational security standards, regulatory frameworks, and strategic goals by participating in the Security...
