Job
Description
Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:-Qualys Platform Ownership & Optimization:Act as the Qualys SME, leading the end-to-end lifecycle of vulnerability management using Qualys, including scanner appliance deployment, asset tagging, scan scheduling, and template creation.Configure and manage Qualys Global AssetView, Cloud Agents, and Scanner Appliances (physical and virtual) for internal, external, and authenticated scans.Develop and fine-tune custom scan templates to reduce false positives/negatives, tailored to OS, application stack, and business unit needs.Leverage Qualys Tagging, Dynamic Asset Groups, and Query Language (QQL) to segment, track, and report on assets across on-prem, cloud, and hybrid environments.Vulnerability Lifecycle Management:Analyze vulnerability data, correlate with threat intelligence, and provide risk-prioritized remediation plans to infrastructure, cloud, and devops teams.Build automated ticketing workflows with platforms like ServiceNow, integrating Qualys findings directly into change management processes.Design and deliver actionable dashboards and reports for different audiences (CISO, IT Ops, Audit, DevSecOps).Policy Compliance & Governance:Implement and manage Qualys Policy Compliance (PC) for baseline configuration and hardening checks aligned with CIS, NIST, ISO, and custom policies.Collaborate with GRC teams to support audits, compliance initiatives, and regulatory mandates (e.g., PCI-DSS, HIPAA, SOX).Strategic & Technical Leadership:Work cross-functionally to evangelize vulnerability management best practices, educate stakeholders, and shift security left in development and operations lifecycles.Identify opportunities to automate manual processes through APIs, scripting (Python, Bash, PowerShell), and integrations with DevOps tools.Stay ahead of new Qualys features/releases and coordinate their controlled rollout across environments.________________________________________ Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations- Strong understanding of cloud security principles- Experience with security architecture design- Knowledge of security compliance standards- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education
