Senior Lead Sec Architect

Job Description

Description Guides the development, specification and communication of application or infrastructure architectures used by multiple business or application systems. Provides extensive, in-depth, technical consultation to the clients, partners, and IT Management to develop plans and directions to assure the integration of corporate business area requirements. Acts as cybersecurity expert for cloud migration projects/programs Thoroughly understands decision process issues of technology choice, such as design, data security, client server communication, etc. Partner with Management in the building of new and on-going partnership with various teams and line of business Evaluates and selects from existing and emerging technologies those options best fitting business/project needs Partner with Security Champions, Attack Surface Management, and AppSec teams Promotes sharing of expertise through consulting, presentations, and documentations, etc. Experienced, functional expert with technical and/or business knowledge and functional expertise Carries out complex initiatives involving multiple disciplines and/or ambiguous projects Displays a balanced, cross-functional perspective, liaising with the business teams to help improve efficiency, effectiveness, and productivity Strategic in developing, implementing, and administering programs within functional areas Provides guidance to team members, fostering an environment that encourages employee participation, teamwork, and communication Qualifications Bachelors degree and experience in information security, or an equivalent combination of education and work experience. Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff. Six years of industry experience with the combination of main stream Information Security role and application development is preferred CISSP, CISM, or Security+ certification preferred Strong collaboration skills and analytical ability Deep knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies. Requirements/Responsibilities - Experience related to application development and DevOps Very good understanding of CI/CD pipeline and secure application development methodologies Experience with security tools related to DevSecOps- SAST, DAST, IAST In-depth knowledge of various cybersecurity frameworks, standards, and SSDLC Experience related to vulnerability management is big plus Must have very good understanding related to OWASP top vulnerabilities and knowledge related to MITRE framework Knowledge related to WAF, App Proxy, and CDN Very good understanding of zero-trust architecture and working experience with relevant tools/technologies Good understanding related to IPS/IDS, Network load balancer, firewalls, Z-Scaler, and networking technologies Knowledge related AI/ML, CI/CD Pipeline, IaC, and relevant tools Experience in dealing with threat vectors and develop relevant plans to protect the organization from cyber threats Lead the security architecture reviews and provide analysis with the observations and findings Experience in providing security consultation to application teams Knowledge of network architecture concepts including topology, protocols, and components Understanding related to SEIM and experience related to Microsoft Defender, Entra, KQL, APIM, endpoint protection, scripting, CoPilot Knowledge related to Privilege access management, Threat hunting, data protection, encryption, Authentication/Authorization, Vulnerability management systems, Cloud Security Posture Management. Very good understanding of concepts related to docker, container, serverless computing, and Kubernetes Must be able to represent the security architecture team in technical discussions and drive towards deliverables with minimal guidance