Security Architect

Project Role :Security Architect

Project Role Description :Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills :Data Encryption

Good to have skills :NAMinimum
3 year(s) of experience is required

Educational Qualification :15 years full time education:We are seeking a dedicated and detail-oriented Analyst to join our Identity and Access Management (IAM) team, supporting a major US-based client. The role focuses on Public Key Infrastructure (PKI) operations with additional responsibilities around Enterprise Key Management System (EKMS) and Identity governance tools. This is a hands-on operational role requiring support in a 24x7 environment, following a rotational shift model.
Roles & Responsibilities:- Perform day-to-day operations of PKI services including certificate issuance, renewal, revocation, and monitoring.- Maintain and troubleshoot Certificate Authorities (CAs), Online Responders (OCSP), and Certificate Enrollment Web Services (CEP/CES).- Support integration and certificate management for enterprise applications, servers, network devices, and security appliances.- Execute and monitor certificate lifecycle management tasks and ensure compliance with security standards.- Troubleshoot SSL/TLS-related issues and assist with application-level binding of certificates (e.g., IIS, LDAPS, etc.).- Maintain service availability, perform routine health checks, and participate in DR/Resiliency testing.- Work closely with the IAM team on access control and authentication mechanisms where certificate-based auth is integrated.- Provide operational support for EKMS (Enterprise Key Management System) as an added advantage.- Follow ITIL processes for incident, change, and problem management.- Prepare and maintain SOPs, documentation, and runbooks for PKI and associated tools.Professional & Technical
Skills:

- Strong hands-on experience with Microsoft PKI, including Root and Subordinate CAs.- Experience in certificate lifecycle management for diverse enterprise environments.- Familiarity with Active Directory Certificate Services (ADCS).- Working knowledge of Online Responders, CEP/CES,NDES and Auto-Enrollment policies.- Knowledge on DigiCert certificates and management.- Good understanding of SSL/TLS protocols and digital certificates.- Basic scripting skills (PowerShell preferred) for automation of routine tasks.-IAM concepts and experience with directory services (Active Directory, Entra ID/Azure AD) is an added advantage.- Exposure to EKMS solutions (e.g., Thales, Venafi, or other HSM-integrated key management platforms) is a plus- Preferred Certifications:Microsoft certifications related to security or infrastructure.,CompTIA Security+, Certified PKI Professional (CPKI), or similar.,Azure Security, SC-300 or SC-900 (optional, for IAM).
Additional Information:- The candidate should have minimum 3 years of experience.- This position is based at our Bengaluru office.- A 15 years full time education is required.Qualification
15 years full time education