Information Security Architect

About MBRDI

Mercedes-Benz Research and Development India (MBRDI), headquartered in Bengaluru with a satellite office in Pune, is the largest R&D center for Mercedes-Benz Group AG outside of Germany. Our mission is to drive innovation and excellence in automotive engineering, digitalization, and sustainable mobility solutions, shaping the future of mobility.

Job Role: Information Security Architect

Responsibilities

• Conduct threat modeling and architectural assessments of applications to encompass all aspects of information security, ensuring security by design.
• Document identified threats and provide corresponding mitigation strategies.
• Evaluate technologies and solutions to enhance security capabilities.
• Identify security gaps and communicate associated business risks to relevant stakeholders.
• Provide solutions aligned with business needs, considering security and compliance requirements.
• Verify the effectiveness of security controls in mitigating identified risks.
• Assist engineering projects throughout the Secure Software Development Life Cycle (SSDLC) and collaborate to effectively prioritize product security elements.

Technical Skill:

• Strong knowledge of information security principles, security architectures, frameworks, standards, and emerging threats, with the ability to implement effective mitigation strategies.
• Deep understanding of network protocols, operating systems, databases, applied cryptography, least privilege, zero trust principles, identity & access management, and other core information security concepts.
• Familiarity with regulatory requirements and compliance standards (NIST, ISO 27001, GDPR, SOC2).
• Expertise in cloud computing and its associated best security practices, covering applications, infrastructure, storage, platforms, and data security.
• Hands-on experience in performing threat modeling for applications, identifying threats, and suggesting optimal mitigation strategies.
• Strong understanding of threat modeling methodologies (e.g., STRIDE, DREAD, PASTA).
• Proficiency in using threat modeling tools (e.g., Microsoft Threat Modeling Tool, Threat Modeler, OWASP Threat Dragon).
• In-depth knowledge of common security vulnerabilities (e.g., OWASP Top Ten, CVEs) and attack vectors.
• Must have experience in architecting and securing Cloud Computing Platforms such as Azure or AWS.
• Demonstrate a deep understanding of Google Cloud Platform(GCP) concepts and architectures, with a focus for how security controls are applied to cloud-based technologies. Architecture & Networking , Identity & Access Management, Securing the CI/CD Pipeline, Secrets and Data Protection, logging and monitoring and Security controls for Containers(e.g., Dockers, Kubernetes).
• Excellent communication and interpersonal skills, with the ability to interact with stakeholders at all levels and explain complex security concepts in an easily understandable manner.
• Good understanding of relevant laws, regulations, and industry standards

Qualifications:

• A Bachelor's degree in Computer Science, Information Technology, Engineering, Information Security, Cybersecurity, or a related field is required
• CISSP or CCSP or CSSLP certification is Mandatory.

Experience

• Minimum of 6-8 years of relevant work experience in cybersecurity architecture, engineering, application security, or a similar field. The candidate must possess the ability to perform threat modeling for applications.

Why Join Us?

• Be part of a purpose-driven organization that is shaping the future of mobility
• Work on cutting-edge technologies and global projects
• Thrive in a collaborative, diverse, and inclusive environment
• Access world-class infrastructure and continuous learning opportunities

Equal Opportunity Statement

At MBRDI, we are committed to diversity and inclusion. We welcome applications from all qualified individuals, regardless of gender, background, or ability.