SailPoint IDN Design & Implementation Job Overview: We are seeking professionals with experience in designing and implementing SailPoint Identity Now (IDN) solutions . This role involves engaging with business and technical teams to design scalable IAM frameworks, lead application onboarding, and implement identity lifecycle and governance processes using SailPoints cloud-native IDaaS platform. Key Responsibilities: Work closely with stakeholders to gather requirements and translate them into SailPoint IDN solution designs Create and review high-level and low-level design documents aligned with business use cases and security standards Lead end-to-end implementation of SailPoint IDN modules including Identity Profiles, Lifecycle Events, Access Reviews , and Role Management Define and configure identity workflows , including Joiner, Mover, Leaver (JML) processes Oversee application onboarding activities using standard connectors or SaaS integrations, ensuring proper mapping, transformation, and access provisioning logic Perform policy design for Segregation of Duties (SoD), access certification, and governance controls Coordinate and validate test plans and user acceptance testing (UAT) with business units and technical teams Ensure integration of IDN with enterprise platforms like Workday, ServiceNow, Active Directory, Azure AD , etc Maintain project documentation , implementation guides, and architecture review materials for audits and future reference Collaborate with developers, testers, and security analysts to ensure smooth delivery and post-go-live support Conduct knowledge transfer sessions and provide guidance to operational teams or system administrators Required Skills: Strong experience in design and implementation of SailPoint IdentityNow (IDN) within large-scale enterprise environments Deep understanding of identity lifecycle management, access governance, certifications , and policy enforcement Ability to define and implement IAM frameworks , including RBAC/ABAC and entitlement models Experience in application onboarding using SailPoint’s cloud-native connectors or REST APIs Sound knowledge of compliance frameworks (SOX, GDPR, ISO 27001) and their application in IGA systems Excellent skills in requirement gathering, stakeholder communication , and technical documentation Strong troubleshooting and implementation support skills , with experience resolving complex onboarding and identity issues Technical Skills: Expertise in SailPoint IDN Modules : Identity Profiles, Access Certifications, Roles, Lifecycle Events, Source Configuration Familiarity with identity integrations using REST APIs, LDAP, Azure AD, Workday, and ServiceNow Hands-on experience configuring roles, policies , access request workflows, and attestation rules (no coding required) Understanding of directory services , such as Active Directory and cloud identity stores Working knowledge of cloud platforms (AWS, Azure, GCP) and integrating SailPoint IDN in hybrid environments Familiarity with CI/CD environments , DevOps support processes , and agile methodologies for IAM delivery Certifications: Mandatory: SailPoint Certified IdentityNow Professional Good to Have: SailPoint Certified IdentityNow Engineer SailPoint Certified IdentityIQ Architect
Job Description: OT Security Architect Job Overview We are seeking a seasoned OT Security Architect to design, assess, and secure industrial control environments across IT and OT domains. This role requires deep expertise in ICS/SCADA systems, cybersecurity architecture, and international standards such as IEC 62443 and NIST. The ideal candidate will lead threat modeling, architecture reviews, and risk-based decision-making to protect critical infrastructure environments from cyber threats. Key Responsibilities Design and implement secure ICS/OT architecture in line with industrys best practices and regulatory standard Conduct technical architecture reviews of both IT and OT environments, providing security design decisions during project implementation Perform threat modeling for complex industrial systems and identify risks across control networks and components Develop and align cybersecurity policies, standards, and procedures for IT-OT integrated infrastructures Review network segmentation strategies to ensure secure and compliant architecture based on the Purdue model Apply security frameworks such as IEC 62443 , NIST SP 800-82 , and other applicable national/international OT standards Conduct security assessments at IT/OT convergence points and critical plant interfaces Lead security architecture discussions and provide technical recommendations to both technical and non-technical stakeholders Manage time-sensitive security escalations, provide clear remediation steps, and contribute to governance processes Stay current with evolving threats , technologies, and industry trends in OT cybersecurity Technical Skills Strong knowledge of ICS systems : SCADA, DCS, EMS, PLC, and industrial protocols such as OPC, Modbus TCP, Profinet, HART Experience with network security design in segmented OT environments, including firewalls, zones, and secure remote access Proficiency in evaluating and securing IIoT environments and OT endpoints Familiarity with supply chain security and its impact on operational systems Deep understanding of OT threat landscapes and risk mitigation techniques specific to industrial systems Working knowledge of security assessments, configuration reviews, and remediation planning for OT infrastructure Required Skills 10+ years of cybersecurity architecture experience, including 4+ hands-on OT security experience Ability to lead and influence security practices across manufacturing, industry, or pharma domains Strong documentation, reporting , and stakeholder communication skills Able to independently drive architectural decisions and manage multi-stakeholder conversations Familiarity with securing infrastructure and application layers in industrial environments Effective in fast-paced, high-pressure environments with shifting priorities Mandatory Certifications One or more of the following is strongly preferred: IEC 62443 certifications CISSP – Certified Information Systems Security Professional GICSP – Global Industrial Cyber Security Professional CSSA – Certified SCADA Security Architect Good to Have Certifications CRISC , CISM , CompTIA Security+ , or other relevant cybersecurity certifications. Any additional OT/ICS-specific credentials recognized in oil & gas, manufacturing, or critical infrastructure sectors.
Job Overview: We are looking for a PingFederate Architect to lead the design and deployment of federated identity solutions using Ping Identitys suite , including PingFederate and PingOne Advanced Identity Cloud . The role focuses on enabling secure authentication, SSO, and seamless application integration , while driving enterprise migrations and modern IAM practices across hybrid environments. Key Responsibilities: Design and deploy PingFederate and Ping One Advanced Identity Cloud solutions for authentication, SSO, and federation Lead IAM integration and migration projects from platforms such as SiteMinder, OAM, ForgeRock, or Okta Develop and maintain federation configurations using SAML, OAuth 2.0, OpenID Connect, and WS-Federation Coordinate with application owners, infrastructure teams , and external stakeholders to enable seamless identity integration Act as the final technical escalation point for identity federation and access management issues Guide implementation teams on industry best practices , architectural alignment, and policy enforcement Support BCP/DR planning , ensuring high availability and failover readiness of access management systems Mentor team members, document design patterns, and support knowledge sharing within the IAM community Required Skills 12+ years of IAM experience , including 5+ years in Ping Identity technologies Hands-on expertise in PingFederate, Ping One Advanced Identity Cloud , and associated modules Experience integrating with cloud, on-premises, and hybrid environments In-depth understanding of identity federation protocols (SAML, OAuth 2.0, OpenID Connect) Strong background in working with user directories (LDAP, AD) and identity gateways Proven success in IAM platform migrations and enterprise-scale integrations Technical Skills: Languages: Java, JavaScript, Groovy, PowerShell Web Technologies: HTML, CSS, JSP/Servlets, React, Angular, TypeScript Platforms: Windows, Linux/Unix, Tomcat, WebLogic, JBOSS, WebSphere IAM Protocols & APIs: SAML, OAuth 2.0, OIDC, REST, SOAP, Kerberos Directory Services: Active Directory, LDAP, Radiant Logic VDS, UnboundID DevOps: CI/CD concepts, config management, automation scripting Monitoring & Availability: Disaster Recovery (DR), high availability (HA) configuration Mandatory Certifications: Certified Professional - PingAccess Certified Professional PingDirectory Certified Professional - PingFederate Good to Have Certifications: Certified Expert - PingOne Certified Expert - PingAccess Certified Expert - PingDirectory Certified Expert - PingFederate
Job Description: Okta Architect Job Overview: We are seeking highly skilled Okta Architect with strong experience in Identity and Access Management (IAM) to lead design and implementation efforts for enterprise identity solutions. The role involves owning the end-to-end onboarding, integration, and federation of applications into Okta, guiding delivery teams, and ensuring high security, scalability, and compliance across the IAM ecosystem. Key Responsibilities: Act as IAM SME with expertise in Okta and other modern IAM tools Perform requirement analysis for transitioning applications from existing platforms to Okta Architect and implement application onboarding using standard protocols (SAML, OIDC, WS-FED, SWA) Design and support custom integrations for non-standard applications Guide teams in Okta configuration, user provisioning, and lifecycle automation Estimate and track effort and timelines for onboarding and integration activities Lead technical delivery and ensure high-quality documentation and outputs Integrate Okta with Active Directory, LDAP , and manage Universal Directory Collaborate with stakeholders across Security, Architecture, and Infrastructure teams Maintain adherence to access control policies (RBAC/ABAC) and security compliance standards Required Skills: 10+ years of total experience in IAM; minimum 4 years hands-on with Okta Strong knowledge of Okta IDaaS , Multi-Factor Authentication , and Universal Directory Experience in onboarding applications using SAML 2.0, OIDC, WS-FED, SWA Expertise in user provisioning, group management , and access policy enforcement Proven experience in migrating to applications and user stores to Okta Hands-on understanding of user session handling , attribute mapping , and federation flows Experience integrating Okta with enterprise platforms (e.g., Salesforce, ServiceNow Knowledge of role and attribute-based access models in enterprise IAM programs Technical Skills: Directory integration : Active Directory, LDAP Web protocols : SAML 2.0, OAuth 2.0, OpenID Connect, WS-FED API & Development : REST APIs, Java (basic integration-level knowledge) Okta-specific tools : Sign-in Widget customization, Universal Directory, Access Gateway Security concepts : MFA, session management, delegated authentication, reverse proxy Platform integration : Salesforce, ServiceNow, Splunk Infrastructure awareness : Azure AD, Kerberos Certifications: Mandatory: Okta Certified Professional Okta Certified Developer Good to have: Okta Certified Technical Architect
Job Description: Cloud Security Architect Job Overview We are seeking a skilled Cloud Security Architect to design, implement, and optimize secure cloud architectures across AWS , Microsoft Azure , and Google Cloud Platform (GCP) . The role requires deep knowledge of each platform's native security controls, combined with a strong foundation in automation, governance, and compliance. Key Responsibilities Architect and implement scalable, secure cloud solutions across AWS, Azure, and GCP Establish and enforce unified cloud security baselines, policies, and controls Lead threat modeling and risk assessments for multi-cloud workloads Guide secure deployment patterns and participate in architecture reviews across business units Automate cloud security operations using scripting and IaC tools Collaborate with platform teams, security engineers, and DevOps to integrate security into CI/CD pipelines Support compliance requirements by aligning cloud environments with frameworks like CIS, NIST, ISO 27001, PCI-DSS, and GDPR Monitor and respond to security incidents across cloud platforms and contribute to remediation strategies Evaluate emerging technologies and cloud security trends to enhance posture Technical Skills Strong experience with cloud-native security tools across: AWS (IAM, Guard Duty, Security Hub, KMS, Config) Azure (Defender for Cloud, Sentinel, Key Vault, Azure Policy) GCP (Security Command Center, VPC SC, Cloud Armor, Cloud DLP) Proficient in scripting and automation using Python , Bash , PowerShell Infrastructure as Code (IaC) experience with Terraform , CloudFormation , ARM/Bicep , or gcloud/Deployment Manager Familiar with Dev SecOps tools (Jenkins, Azure DevOps, GitHub Actions, etc.) Experience in Kubernetes and container security across cloud-managed services (e.g., EKS, AKS, GKE) Required Skills Proven ability to design secure, compliant, and scalable solutions across multi-cloud environments Expertise in identity and access management, encryption, network security, and logging Strong communication and collaboration skills with the ability to influence cross-functional teams Knowledge of incident response, threat hunting, and remediation in cloud environments Familiarity with Agile methodologies and continuous security improvement practices Certifications Mandatory Any one or more of the following cloud security certifications: AWS Certified Security Specialty Microsoft Certified: Cybersecurity Architect Expert (SC-100) Google Cloud Certified Professional Cloud Security Engineer CISSP or CCSP Good to Have CISM , CRISC , Terraform Associate , or platform-specific architect certifications (e.g., AWS Solutions Architect Professional , Azure Solutions Architect Expert , Google Professional Cloud Architect )
Job Description: ForgeRock Architect Job Overview: We are seeking a seasoned ForgeRock Architect to lead the strategic planning, design, and delivery of identity solutions leveraging the ForgeRock Identity Platform . This role is critical in architecting secure, scalable, and compliant IAM frameworks that integrate seamlessly with enterprise applications and cloud infrastructure . The candidate will guide the full implementation lifecycle , ensuring alignment with business and regulatory objectives . Key Responsibilities: Define IAM architecture using ForgeRock components to meet organizational security and operational goals Deploy and optimize ForgeRock Identity Platform ( AM, IDM, DS, IG ) in hybrid or cloud-native environments Lead integration with systems including web apps, APIs , and cloud workloads Establish authentication and authorization flows using SAML, OAuth 2.0, OpenID Connect Implement adaptive and multi-factor authentication (MFA) strategies Create automation scripts and Ansible playbooks for deployments and upgrades Configure directory services for user policies , access hierarchies , and replication Manage key stores , including certificate generation and renewal Diagnose and resolve complex identity and access issues Document architectural blueprints, runbooks , and operational procedures Translate business identity requirements into technical deliverables Mentor team members and ensure adherence to design and coding standards Required Skills: 12+ years in IAM , including 5+ years with ForgeRock Hands-on experience across ForgeRock modules (AM, IDM, DS, IG) Strong knowledge of identity lifecycle , federated identity , and policy enforcement Ability to integrate IAM with legacy and cloud-native systems Proven ability to lead and deliver enterprise IAM projects Excellent communication and stakeholder engagement skills Technical Skills: ForgeRock Stack : Advanced knowledge of AM, IDM, DS, IG (v6.5+) Authentication Protocols : OAuth 2.0, SAML 2.0, OpenID Connect, WS-Federation MFA : Integration with ForgeRock MFA, Symantec VIP, Google Authenticator Directories : Configuration and tuning of OpenDJ, Active Directory, Oracle Unified Directory Automation : Expertise with Ansible , scripting for provisioning and deployment Languages : Proficiency in Java, Groovy, Shell scripting Cloud Platforms : Deployment experience on AWS, Azure, or GCP Security : Deep understanding of encryption, certificate/key management , API security DevOps Tools : Use of Git, Jenkins , and exposure to Kubernetes environments Certifications: ForgeRock Identity Management Core Concepts (IDM-400) ForgeRock Access Management Core Concepts (AM-400)
SailPoint IIQ Architect Job Overview: We are looking for an experienced SailPoint IIQ Architect to design and implement robust IAM solutions for enterprise-scale environments. This role requires deep technical knowledge of SailPoint IIQ, strong architecture and leadership capabilities, and the ability to engage with stakeholders to align IAM solutions with business goals and regulatory requirements. Key Responsibilities: Design scalable and secure SailPoint IIQ architectures for enterprise identity programs Lead the implementation of lifecycle workflows , certification processes, and access request configurations Develop and configure custom connectors for integration with target systems and applications Perform role mining and implement RBAC/ABAC models for access governance Define and enforce IAM policies and compliance controls in alignment with security frameworks Onboard applications with automated provisioning and de-provisioning capabilities Generate custom dashboards and compliance reports to support audit requirements Create technical design documents, architecture diagrams , and configuration guides Collaborate with business analysts and stakeholders to gather IAM requirements and translate them into technical solutions Participate in troubleshooting and performance optimization during deployments Conduct code reviews and quality checks to maintain high development standards Provide technical mentoring to junior team members and contribute to IAM best practice repositories Required Skills: Strong expertise in Identity & Access Management principles , including governance, access reviews, and entitlement management Proven track record of leading complex SailPoint IIQ implementations across large user bases Experience in designing custom workflows, rules, and approval logic in SailPoint Ability to interface with security, infrastructure, and application teams during solution delivery Proficient in analyzing business use cases and translating them into technical configurations Skilled in client communication, documentation , and stakeholder engagement Capable of driving multiple project streams with minimal supervision Technical Skills: 6+ years hands-on with SailPoint Identity IQ (IIQ) design and deployment Java, Bean Shell, and XML/JSON for custom development and integration Proficiency with REST/SOAP APIs and directory services (LDAP, AD) Hands-on with databases (Oracle, SQL Server, MySQL) and query optimization Comfortable in Windows and Unix/Linux server environments Experience in developing and tuning rules, tasks, roles, and policies in IIQ Familiarity with application security protocols and secure coding practices Mandatory Certifications: SailPoint Certified Identity IQ Architect Good to Have Certifications: SailPoint Certified Identity IQ Engineer
Job Description: Beyond Trust Architect Job Overview: We are looking for professionals with hands-on experience in implementing and operating Beyond Trust Password Safe (On-Prem) as part of a broader Privileged Access Management (PAM) strategy. The ideal candidate should have strong expertise in solution architecture, customization, and integration , along with a solid understanding of cloud platforms such as AWS and Azure . Familiarity with security frameworks and compliance requirements is essential. The role involves working across the full lifecycle of PAM implementation, ensuring secure, scalable, and compliant access management. Key Responsibilities: Develop and execute implementation plans for Beyond Trust Password Safe, including HA/DR setup Aligning PAM deployments with organizational security and compliance requirements Customize Beyond Trust Password Safe based on business use cases and operational needs Integrate Beyond Trust with tools such as SSO, MFA, ITSM, and SIEM platforms Conduct testing for functionality, performance, and security Deliver training sessions to administrators and end user Create and maintain technical documentation and user manuals Manage and support day-to-day PAM operations and access requests Follow ITSM processes like Incident Management and Change Management Generate reports on privileged accounts and access usage Coordinate with internal audit and compliance teams during assessments Troubleshoot technical issues and optimize performance of the PAM solution Lead and collaborate with technical teams across different project phases. Stay current on PAM trends , security threats , and Beyond Trust updates Continuously enhance the PAM setup based on feedback and new requirements Required Skills: Hands-on experience with Beyond Trust Password Safe implementation Good understanding of Privileged Account lifecycle and governance Ability to design scalable, secure, and compliant PAM architectures Working knowledge of IAM concepts and IT compliance frameworks Ability to troubleshoot technical issues and implement optimizations Experience in project coordination and stakeholder engagement Excellent communication and documentation skills Technical Skills: Beyond Trust Password Safe Installation, configuration, upgrades, clustering Integration with Active Directory, LDAP, Azure AD, SIEM, ITSM, and MFA/SSO solution Proficiency in network protocols (TCP/IP, SSH, RDP), and secure communications Familiarity with AWS and Azure cloud environments , roles, policies PowerShell / REST API scripting for automation and custom integrations Strong knowledge of security standards (e.g., NIST, CIS, ISO) Understanding of ITSM tools like ServiceNow, Jira, BMC Remedy Familiarity with audit, logging, compliance reporting tools Certifications: Mandatory: Beyond Trust Certified Implementation Professional (BCIP) Good to Have: Certified Information Systems Security Professional (CISSP) AWS Certified Security Specialty Microsoft Certified: Azure Security Engineer Associate ITIL v4 Foundation
Job Description : Microsoft Entra Architect Job Overview: We are seeking a highly skilled Microsoft Entra ID (Azure AD) Design & Implementation Specialist to lead and deliver strategic identity modernization initiatives. The role focuses on the architecture, design, and implementation of Entra ID services, including SSO, MFA, Conditional Access, Federation , and Identity Governance . This position is ideal for professionals who have led end-to-end identity transformation projects and have a deep understanding of modern authentication standards and security frameworks. Key Responsibilities: Architect and deploy Microsoft Entra ID solutions for hybrid and cloud-native environments Design SSO integrations for third-party and enterprise applications using SAML, OAuth2, and OpenID Connect Implement Multi-Factor Authentication (MFA) and configure authentication methods like FIDO2, Passkeys, and CBA Develop and manage Conditional Access policies using dynamic signals and risk-based access controls Modernize authentication by migrating apps from ADFS to Entra ID , ensuring claim transformations and trust configurations Configure and manage Entra ID synchronization using Connect or Cloud Sync , including OU filtering and writeback Build and maintain PKI infrastructure with smart card logon, auto-enrollment, and certificate lifecycle management Implement Identity Governance capabilities including Access Reviews, PIM , and Entitlement Management Automate identity tasks using Microsoft Graph API and PowerShell scripting Enhance security posture through Zero Trust design , secure score analysis, and tools like Ping Castle and Blood Hound Create detailed design documents , implementation runbooks, and best practice guidelines Required Skills: Hands-on expertise in Microsoft Entra ID design and configuration Proficiency in modern authentication protocols and SSO integration Strong grasp of MFA enforcement and Authentication Strengths configuration Experience with identity modernization from legacy systems (e.g., ADFS) Knowledge of hybrid identity sync architecture and deployment strategies Practical understanding of PKI components and digital certificate management Exposure to identity lifecycle automation and custom scripting Familiarity with Zero Trust principles and cloud security controls Experience in governance and access management on a scale Technical Skills: Microsoft Entra ID (Azure AD) SAML, OAuth2, OpenID Connect MFA, CBA, FIDO2, Passkeys ADFS Migration Microsoft Entra Connect / Cloud Sync PowerShell, Microsoft Graph API PKI / SSL / Certificate Templates Access Reviews, PIM, Entitlement Management Certifications Mandatory: Microsoft Certified: Identity and Access Administrator Associate (SC-300) Good to Have: Microsoft Certified: Azure Security Engineer Associate Microsoft Certified: Cybersecurity Architect Expert (SC-100)
Job Title: CyberArk Implementation Architect Job Overview: We are looking for a CyberArk Implementation professional to lead the deployment, integration, and operationalization of Privileged Access Management (PAM) solutions. The role involves managing all technical aspects of CyberArk implementation, including plugin development, policy configuration, system integration, and ongoing support for security and compliance. Key Responsibilities: Implement and configure CyberArk PAM components (Vault, PVWA, CPM, PSM, PTA) Onboard privileged accounts and integrate infrastructure, databases, and applications Develop and troubleshooting custom plugins for privileged session management and command control Automate tasks using scripting languages and APIs (e.g., PowerShell, Python, REST Define and apply access control policies, platforms, and entitlement models Manage vault configurations, credential rotation schedules, and session recording Perform CyberArk upgrades, patching, backup/restore, and system health monitoring Document deployment runbooks, technical designs, and solution configurations Collaborate with cross-functional teams for requirements gathering and solution design Support audits by providing evidence of access controls, privileged reviews, and compliance report Required Skills: Hands-on experience in CyberArk implementation and integration Strong understanding of PAM concepts , session management, and vaulting strategies Proficiency with directory services (Active Directory, LDAP) and authentication protocols (Kerberos, RDP, SSH) Experience integrating CyberArk with various endpoints (Windows, Linux, Databases, Network Devices) Exposure to ticketing system integrations (ServiceNow, Remedy) Familiarity with security best practices, privileged account reviews , and compliance requirements Excellent communication, troubleshooting, and documentation skills Technical Skills: CyberArk Modules: Vault, PVWA, CPM, PSM, PTA Scripting: PowerShell, Python, AutoIT, Bash Integration Tools: REST APIs, Application Identity Manager (AIM), PSM connectors Platforms: Windows, Linux, ESXi, Network Devices Cloud & DevOps: Azure, AWS, GCP (basic), exposure to CI/CD tools is a plus Protocols: RDP, SSH, SAML, OAuth, TLS/SSL Certifications: Mandatory: CyberArk Defender Certification CyberArk Sentry Certification Good to Have: CyberArk Guardian Certification
Product Security Architect Job Overview: Product Security Architect shall lead the integration of cybersecurity into the product lifecycle , from design to deployment . This role defines secure architecture , drives secure development practices , and partners with engineering and business teams to manage cyber risks and deliver secure, resilient products . As a technical authority , you will enhance the overall security posture and support innovation through robust security solutions. Key Responsibilities: Lead and support all phases of secure engineering, product support, and development of lifecycles Drive secure development principles and implement cybersecurity practices across engineering and production teams Define cybersecurity requirements, perform gap analysis, and establish roadmaps to manage and remediate residual risk Architect secure solutions, define security control frameworks, and integrate cybersecurity features into product designs Conduct and support threat modeling, risk assessments, security assurance testing, and vulnerability assessments Lead security design reviews and provide oversight for secure architecture implementation Serve as a subject matter expert to resolve complex product cybersecurity challenges Mentor engineering teams provide training and promote secure coding and design practices Participate in audit and compliance activities for certifications, governance, and standards. Collaborate on ad hoc cybersecurity initiatives to support secure operations and product innovation Ensure alignment of security strategies with overall product and business objectives Required Skills: Strong background in cybersecurity principles, secure software/hardware design, and development practices In-depth experience with risk management, threat modeling, security testing, and vulnerability assessments Solid understanding of industry security standards (e.g., NIST, ISO 27001/62443, OWASP) Excellent analytical, problem-solving, and decision-making capabilities Demonstrated ability to lead cross-functional teams and influence stakeholders Technical Skills: Secure Development Lifecycle (SDLC) frameworks Architecture risk analysis and mitigation strategies Embedded system and IoT security Cryptographic protocols and key management Threat modeling tools (e.g., STRIDE, DREAD, Microsoft Threat Modeling Tool) SAST/DAST tools and techniques Security compliance and regulatory standards (e.g., IEC 62443, NIST 800-53) Dev SecOps integration Cloud security (AWS, Azure) and container security principles Familiarity with secure firmware and hardware-level security controls Mandatory Certifications: OSCP Offensive Security Certified Professional Good to Have Certifications: CSSLP - Certified Secure Software Lifecycle Professional
Network Security Architect Job Overview: We are seeking a skilled and experienced Network Security Architect to design and implement secure, scalable, and resilient network architectures across enterprise environments. This role is responsible for ensuring the integrity, confidentiality, and availability of network services by embedding security principles across all layers of network design. The ideal candidate will lead efforts in advanced threat protection, secure segmentation, and infrastructure hardening in IT landscape. Key Responsibilities: Design secure network architecture frameworks for enterprise infrastructure Develop reusable network security patterns , guardrails, and standard checklists Evaluate and enhance the security posture of existing network architectures Define and implement network segmentation and micro segmentation strategies Lead integration and tuning security appliances (firewalls, IDS/IPS, VPNs, NAC etc.) Provide architectural guidance on advanced threat detection and response scenarios Align network security initiatives with compliance and governance requirements Collaborate with IT, Security Operations, and Engineering teams to integrate and optimize security controls Support secure design and protection of IT networks with applicable standards and technologies Technical Skills: Strong expertise in network protocols , routing , and switching technologies Hands-on experience with firewalls , IDS/IPS , VPN technologies , and network access control (NAC) Proficiency in network segmentation , zoning , and micro segmentation techniques Knowledge of intrusion prevention and detection technologies and their deployment Understanding of network logging, monitoring, and packet capture tools Experience integrating network security into hybrid environments (on-prem and cloud) Familiarity with network anomaly detection systems and secure perimeter design Required Skills: Proven experience in securing enterprise networks on a scale Ability to translate business requirements into secure and resilient network designs Strong understanding of network risk assessment , gap analysis , and remediation planning Experience collaborating with cross-functional security and infrastructure teams Capability to lead incident response efforts related to network-level threats Excellent documentation and communication skills for architecture and security reporting Certifications Mandatory: CISSP CCNP Security or equivalent advanced network security certification from other OEM Palo Alto PCNSE Palo Alto Networks Certified Network Security Engineer Good to Have Certifications: CCIE Security Cisco Certified Internetwork Expert (Security)
Enterprise Security Architect Job Overview: We are seeking an experienced Enterprise Cybersecurity Architect to define, design, and drive secure architecture strategies across complex enterprise ecosystems. The role requires expertise in integrating security principles into architectural frameworks while ensuring alignment with business goals, compliance mandates, and the evolving threat landscape. The ideal candidate will act as a trusted advisor, guiding teams in secure solution design, technology selection, and architectural governance. Key Responsibilities: Define and maintain enterprise-level security architecture aligned with business and regulatory requirements Integrate security-by-design and privacy-by-design principles into enterprise IT and digital transformation initiatives Perform threat modeling and architectural risk assessments across applications, infrastructure, and cloud services Develop and evolve security reference architectures, patterns, and roadmaps for Zero Trust, SASE, and secure SDLC Review and evaluate architectural designs, identifying risks and recommending secure alternatives Lead the adoption of cloud-native security controls and hybrid-cloud architecture best practices Collaborate with enterprise architects and engineering teams to embed security across platforms and pipelines Design identity architecture strategies, including federated identity, privileged access, and conditional access models Guide implementation of Dev SecOps practices including code scanning, IaC security, and automated security gates Support compliance with industry frameworks such as NIST CSF, ISO 27001, MITRE ATT&CK, GDPR, and PCI-DSS Conduct evaluations of emerging technologies, tools, and architectural patterns from a security perspective Align architectural outcomes with business continuity, incident response, and data protection objectives Contribute to security policy development, secure baseline enforcement, and architectural documentation Mentor cross-functional teams on best practices for security architecture and enterprise integration Technical Skills: Strong understanding of enterprise architecture methodologies (TOGAF, SABSA, Zachman) In-depth experience in securing networks, applications, endpoints, identities, and data Expertise in cloud security architecture (Azure, AWS, GCP) including Landing Zones, NSGs, Security Groups, etc Familiarity with micro segmentation , Zero Trust principles, and identity-centric network design Proficiency in security platforms: SIEM, SOAR, WAF, DLP, EDR, PKI, VPN, NAC In-depth understanding of application security assessment methodologies including OWASP Top 10 , OWASP ASVS , OWASP MASVS , and modern attack/defense techniques Hands-on capability in threat modeling using STRIDE , DREAD , and MITRE ATT&CK frameworks across diverse architectures Experience in security automation and orchestration using tools like Terraform, Ansible, Sentinel, etc. Exposure to container and API security (e.g., Kubernetes, Istio, API gateways, service mesh) Understanding data-centric security including tokenization, masking, encryption, and data vaults Required Skills: Ability to architect and communicate secure, scalable, and resilient enterprise solutions Strong analytical mindset with the capability to translate business requirements into technical controls Ability to work independently while collaborating across Security, IT, Cloud, and Application teams Familiarity with compliance, risk, and governance aspects of security architecture Experience supporting architectural reviews, security assessments, and technology evaluations Capability to lead architecture functions in regulated and complex enterprise environments Strong communication, documentation, and stakeholder management skills Certifications: Mandatory: CISSP Certified Information Systems Security Professional TOGAF The Open Group Architecture Framework Microsoft Certified: Cybersecurity Architect Expert or AWS/Azure Solution Architect certifications Good to Have: GIAC Defensible Security Architect (GDSA) CISSP-ISSAP – Architecture Specialization SABSA Foundation or Practitioner Certified Network Defender (CND) or CCNP Security Cloud Security Certifications – AWS Security Specialty / Azure Security Engineer Associate
IAM Security Architect Job Overview: We are looking for a highly skilled IAM Security Architect to lead the design and implementation of secure identity and access management solutions across enterprise environments. This role requires deep expertise in identity governance, authentication protocols, access controls, cloud entitlements, and secure architecture practices. The ideal candidate will play a critical role in enhancing enterprise security posture through modern IAM strategies while aligning with industry standards, compliance mandates, and zero trust principles. Key Responsibilities: Architect and maintain secure identity solutions for hybrid and cloud environments covering workforce and application identities Design end-to-end identity frameworks involving authentication, authorization, federation , and privileged access management Define roadmaps and blueprints for Identity and Access Management (IAM) and Privileged Identity Management (PIM) solutions Implement modern Zero Trust Architecture , incorporating the least privilege , JIT , and risk-based conditional access models Lead integration of IAM with multi-factor authentication (MFA) , SSO , password less technologies , YubiKey , and device-based authentication Develop and enforce enterprise IAM standards aligned with NIST CSF , ISO 27001 , SOC , GDPR , and other regulatory requirements Provide expert consultation for IAM governance , role modeling, access reviews, and compliance controls Participate in threat modeling , risk assessments, and secure design reviews of IAM-related implementations Guide the deployment of identity federation , OAuth2.0 , OIDC , SAML , Kerberos , LDAP , and token-based authentication Support secure identity design for microservices, APIs , and mobile/web applications across the enterprise Enable secure application onboarding, application registration , and integration with IAM platforms Architect solutions for secrets management , certificate management , and session security Lead secure configuration and policy design for modern IAM Solutions Support cloud infrastructure entitlement management (CIEM) for Azure, AWS, and hybrid environments Mentor IAM engineers and collaborate with cybersecurity, application, and infrastructure teams on security improvements Technical Skills: Expertise in IAM protocols : OAuth 2.0, OpenID Connect, SAML, RADIUS, Kerberos, LDAP Strong experience in M365, Entra ID, Azure AD , Sentinel , Defender , and Azure-native identity controls In-depth experience with IAM platforms : SailPoint, Okta, PingFederate, CyberArk, Beyond Trust Hands-on knowledge in token management , session handling, mTLS, secrets vaulting, and credential protection Deep understanding of API Security , application security in Java/React/Android/iOS , and browser session models Experience in CI/CD pipeline security , Infrastructure as Code (IaC) with Terraform, Azure CLI , scripting with PowerShell and Bash Understanding of Kubernetes, service mesh, container orchestration , and identity integrations within modern workloads Knowledge of CIEM , RBAC policies , DLP , VPNs , DNS security , WAFs , RADIUS clusters , and Cloud-native IAM Required Skills: Proven experience architecting IAM solutions in large, regulated, and hybrid enterprise environments Deep knowledge of identity lifecycle , access provisioning , privilege elevation , and entitlement workflows Experience leading IAM audits , access certification , compliance reviews , and security hardening activities Ability to perform identity-related risk analysis , map control gaps , and define remediation plans Cross-functional collaboration experience with application , DevOps , security , and infrastructure teams Strong documentation and presentation skills to articulate complex IAM architecture clearly to stakeholders Ability to troubleshoot complex IAM issues and analyze logs via Sentinel , KQL , and other telemetry sources Certifications CISSP Okta Certified Professional or CyberArk Defender GIAC Identity and Access Management Certification (GIAC IAM) Microsoft Certified: Cybersecurity Architect Expert or Azure Security Engineer Associate (AZ-500)
Security Operations Architect Job Overview: We are seeking a highly capable Security Architect with a focus on Security Operations Center (SOC) technologies and architecture. The ideal candidate will contribute to designing and maintaining a robust security monitoring infrastructure and will provide strategic direction on threat detection, response, and mitigation. This role involves working closely with security engineers, analysts, and business stakeholders to ensure end-to-end security coverage and continuous improvement of SOC capabilities. Key Responsibilities: Design and architect SOC-related infrastructure and workflows , ensuring scalable and resilient solutions Assess, select, and integrate SOC tools such as SIEM, SOAR, EDR, and threat intelligence platforms Lead security monitoring strategies , including use case development and data source onboarding Work closely with incident response teams to define and refine detection and response procedures Develop and enforce security event correlation rules, alerts, and automation playbooks for timely threat detection and response Perform SOC capability maturity assessments , identifying areas for improvement and innovation Establish KPIs and metrics to measure the effectiveness of SOC tools and processes Evaluate cloud-native SOC solutions (e.g., Microsoft Sentinel, AWS GuardDuty) and integrate them into hybrid environments Guide SOC analysts and junior architects on architecture best practices and threat modeling Ensure compliance with industry frameworks such as MITRE ATT&CK, NIST, ISO 27001 , and regulatory requirements Participate in security assessments and red/blue team engagements , contributing architectural improvements based on findings Conduct research and proof-of-concept (PoC) evaluations of new SOC tools and emerging threat detection technologies Develop and maintain security architecture documentation , tool inventories, and process flows for SOC operations Technical Skills: Hands-on expertise in SIEM platforms (Splunk, QRadar, Arcsight, Sentinel) Experience with SOAR tools (Google SecOps, Palo Alto Cortex XSOAR, IBM Resilient) Strong working knowledge of Endpoint Detection and Response (EDR/XDR) tools (CrowdStrike, Sentinel One, Microsoft Defender) Familiarity with Threat Intelligence Platforms (TIP) and integration with SOC workflows Understanding of Syslog, NetFlow, packet capture , and log aggregation technologies Proficient in scripting for automation (Python, PowerShell, Bash) Exposure to cloud security tools : Azure, AWS and GCP Working knowledge of firewalls, IDS/IPS, DLP, PAM, and WAF Familiarity with security orchestration and alert tuning practices Required Skills: Strong understanding of Security Operations , incident lifecycle, and attack detection Solid grasp of MITRE ATT&CK framework , TTP mapping, and threat hunting techniques Ability to design and review security monitoring architecture for enterprise environments Proficiency in creating and managing security use cases and detection rules Experience integrating business-critical data sources into SIEM and optimizing parsing Good communication skills to collaborate with engineering, IT, and executive teams Certifications CISSP GIAC Security Essentials (GSEC) Microsoft Cybersecurity Architect (SC-100) or equivalent GIAC Certified Detection Analyst (GCDA) Splunk Enterprise Security Certified Admin / Architect Certified SOC Analyst (CSA)