Job
Description
About The Role
Project Role :Security Architect
Project Role Description :Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills :Application Security Architecture and Design
Good to have skills :NA
Minimum 7.5 year(s) of experience is required
Educational Qualification :15 years full time education
Summary:We are looking for a Technical Lead with strong expertise in Application and Infrastructure Security to lead a suite of security services including vulnerability management, application security testing (SAST/DAST), and penetration testing. This role is ideal for someone who can not only execute and review security assessments but also manage tools, provide technical direction to a delivery team, and act as a trusted advisor to the client on security best practices Roles & Responsibilities:- Service Delivery & Technical Leadership Lead the delivery of application and infrastructure security services including:Dynamic Application Security Testing (DAST)Static Application Security Testing (SAST/SCA)Web & API Penetration TestingMobile Application Security TestingInfrastructure Vulnerability Management (IVM)Oversee scan scheduling, execution, validation, and reporting.Drive the reduction of false positives and enhance detection accuracy.Ensure timely delivery of security testing activities aligned with client SLAs.- Security Testing & AnalysisPerform automated and manual security scans for applications and infrastructure.Validate findings, analyze root causes, and prioritize remediation based on risk.Provide technical recommendations to development, DevOps, and infrastructure teams.Align findings with recognized standards (e.g., OWASP Top 10, CVSS, CWE).- Tool Ownership & OptimizationAdminister and optimize usage of security tools including but not limited to:WebInspect, Veracode, Burp Suite, Custom Scripting ToolsGitLab, ServiceNow Security ModulesDatadog Security Explorer, OpenShift ACSTune and maintain tool configurations, scan profiles, and dashboards.- Governance & ReportingTrack scan volumes, issue lifecycle, and performance KPIs.Deliver dashboards and executive-level reports on security posture.Support audit, compliance, and client reporting needs.- Team Collaboration & Stakeholder ManagementProvide technical direction and mentorship to the delivery team.Liaise with client teams, application owners, and platform SMEs.Ensure effective communication across stakeholders for testing, issue triage, and remediation. Professional & Technical
Skills:
- 8+ years of experience in Cybersecurity, with specialization in Application Security and Vulnerability Management.- Strong technical knowledge of SAST/DAST tools (e.g., Veracode, WebInspect).- Hands-on experience in penetration testing of web, mobile, and API-based applications.- Familiarity with infrastructure scanning and vulnerability remediation practices.- Strong understanding of secure SDLC, OWASP Top 10, SANS Top 25, and risk classification models (CVSS, CWE).- Experience working in global delivery teams, preferably in a client-facing role- CEH / OSCP / GWAPT / CISSP / CSSLP- Veracode Certified Specialist or equivalent- Vendor certifications on WebInspect, Burp Suite, GitLab Security
Additional Information:- The candidate should have minimum 7.5 years of experience in Application Security Architecture and Design.- This position is based at our Gurugram office.- A 15 years full time education is required.- Knowledge of cloud security principles (Azure/AWS/GCP)- Familiarity with container security and DevSecOps tooling- Exposure to automated CI/CD security integrations- Strong communication and documentation skills- Proactive problem-solving and analytical thinking- Ability to balance security risk with operational practicality Qualification 15 years full time education
