Security Architect

Role Overview

A Security Architect is a leadership role focused on designing, implementing, and managing an organization's cybersecurity infrastructure. They are responsible for ensuring the confidentiality, integrity, and availability of data and systems.

Education & Qualification:

B.E. / B.Tech / MCA./ BCA/ BSC with minimum 5 to 6 years of experience in Network security & architecture and Information security.

Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar are preferred.

Key Responsibilities:

• Develop and maintain a comprehensive security architecture framework aligned with business goals and regulatory requirements.
• Identify and assess security risks and develop mitigation strategies.
• Design and implement security solutions, including firewalls, intrusion detection systems, and data loss prevention tools.
• Create and maintain security architecture diagrams and documentation.
• Stay up-to-date on the latest security threats and technologies.
• Strong understanding of security domains (e.g., network security, data security, application security).
• Experience with security frameworks (e.g., MITRE, NIST, ISO).
• Profound understanding on cryptographic standards, application security, enterprise architecture, software development lifecycle etc
• Network security architecture and its development are both important to understand.
• Expertise in security measures such as firewalls, intrusion detection, and prevention systems (IDS/IPS), network access controls, and network segmentation.
• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
• Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements
• Thorough knowledge of authentication and authorization standards applicable in the web services, enterprise application, API development, eg: OAuth2, SAML, Tokenization etc.
• Responsible for designing, developing, and maintaining complex API architecture framework solutions that meet the requirements as well as adhering to established architectural principles, standards, and patterns.
• Advanced skill in Secure Software development lifecycle (SSDLC) methodology and Work with DevOps engineers to integrate new code into existing continuous integration (CI) and continuous delivery/deployment (CD) pipelines
• Deep understanding of security vulnerabilities, exploits application infrastructure, APIs etc
• Familiarity with OWASP, SANS and other coding guidelines
• Knowledge of Cyber kill chain (MITRE), Threat Modelling (STRIDE), NIST framework
• Experienced in security of middleware tools such as Service oriented architecture (SOA) Web architecture
• Ensure compliance with relevant security standards and regulations (e.g., ISO 27001, NIST).
• Strong analytical and problem-solving skills.
• Provide guidance and mentorship to junior security team members.

Interested candidates can share their resume & details at ankita.parihar_pri@npci.org.in