Security Architect

Job Profile:

We are seeking a highly skilled Security Architect to join our team. This role will be instrumental in driving innovation and ensuring the highest level of security for our Infrastructure and software applications. This role will report in to the Cyber Security Organization. This is an excellent opportunity for an experienced Security Architect to join our Growing Cyber Security team. The role will represent the Cyber Security function within RRD and will champion best practices to both Cybersecurity and its business partners.

The candidate should have 7 to 9 years of experience in design and implement robust security solutions across cloud, infrastructure, applications, databases, AI, and endpoint security. The ideal candidate will have a deep understanding of security frameworks, software security principles, risk assessment methodologies with a proven track record in architecting secure systems, and a passion for staying ahead of emerging threats, ensuring that our systems remain secure and resilient against cyber threats.

Responsibilities:

• Security Architecture & Design: Develop and implement secure architecture frameworks across cloud, infrastructure, application, and database environments in alignment with NIST, ISO 27001, SOC 2, and PCI DSS.
• Cloud Security: Design and implement cloud security best practices for AWS, Azure, GCP to ensure compliance with security standards (CIS, NIST, ISO 27001, PCI DSS, etc.).
• Infrastructure Security: Evaluate and enhance network security, data center security, and endpoint security controls to prevent unauthorized access and threats.
• Application Security: Work closely with development teams to integrate secure SDLC, threat modeling, and secure coding practices into software development workflows.
• Database Security: Implement database security policies, including encryption, access control, auditing, and monitoring mechanisms.
• AI Security: Assess security risks in AI/ML models, ensuring adversarial resilience and data privacy compliance.
• Identity & Access Management (IAM): Design IAM frameworks, including role-based access control (RBAC), least privilege principles, and SSO/MFA strategies.
• Privacy & Compliance: Ensure compliance with global privacy regulations (GDPR, CCPA, etc.), implementing data protection strategies and encryption.
• Security Assessments & Threat Modeling: Conduct risk assessments, penetration testing coordination, and threat modeling to proactively address security vulnerabilities.
• Incident Response & Forensics: Support incident response teams by providing security architecture guidance and assisting in forensic investigations.
• Review Master Service agreements, Statement of Work, and other contractual documents as required, to ensure contractual documents (and inherent risks) are flagged for risk treatment as appropriate. Further, review IT architecture/Solutions proposed or implemented for business accounts and identify inherent risks in the proposed IT solutions with recommendations on appropriate safeguards.
• Evaluate security risks and recommend mitigation strategies for handling sensitive data, including PII, PHI, and PCI.
• Collaboration & Leadership: Work closely with IT, DevOps, and Security teams to embed security into enterprise architecture and software development lifecycles.

Skillset:

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
• 7 to 9 years of security architecture experience with a focus on cloud, infrastructure, application, IAM, and database security.
• Expertise in cloud security (AWS, Azure, GCP) including network security groups, IAM policies, encryption, and workload security.
• Strong knowledge of cybersecurity frameworks such as NIST, ISO 27001, CIS, and regulatory compliance standards like PCI DSS, HIPAA, and GDPR.
• Experience with Zero Trust architectures, network segmentation, endpoint protection, and threat intelligence.
• Proficiency in security tools such as SIEM, EDR, WAF, DLP, and CASB solutions.
• Hands-on experience in secure coding, DevSecOps, and CI/CD pipeline security integration.
• Understanding of AI/ML security challenges, data poisoning, model inversion attacks, and adversarial AI risks.
• Knowledge of database security best practices (encryption, access control, auditing, and anomaly detection).
• Experience in IAM solutions (Okta, Azure AD, Ping, One Identity) and implementing SSO, MFA, RBAC, and PAM.
• Strong analytical and problem-solving skills with excellent communication and leadership abilities.
• Understanding of security requirements for IT/ITES, BPO, and shared services environments.
• Excellent communication and collaboration skills to work across multiple business units.
• Relevant certifications such as CISSP, CCSP, CEH, TOGAF, SABSA ,AWS/Azure security certifications are a plus.