A Senior Security Architect is a leadership role focused on designing, implementing, and managing an organization's cybersecurity infrastructure. They are responsible for ensuring the confidentiality, integrity, and availability of data and systems. Education & Qualification: B.E. / B.Tech / MCA./ BCA/ BSC with minimum 10 to 12 years of experience in Network security & architecture and Information security. Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar are preferred. Key Responsibilities: Develop and maintain a comprehensive security architecture framework aligned with business goals and regulatory requirements. Identify and assess security risks and develop mitigation strategies. Design and implement security solutions, including firewalls, intrusion detection systems, and data loss prevention tools. Create and maintain security architecture diagrams and documentation. Stay up-to-date on the latest security threats and technologies. Strong understanding of security domains (e.g., network security, data security, application security). Experience with security frameworks (e.g., MITRE, NIST, ISO). Profound understanding on cryptographic standards, application security, enterprise architecture, software development lifecycle etc Network security architecture and its development are both important to understand. Expertise in security measures such as firewalls, intrusion detection, and prevention systems (IDS/IPS), network access controls, and network segmentation. Perform security reviews, identify gaps in security architecture, and develop a security risk management plan Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements Thorough knowledge of authentication and authorization standards applicable in the web services, enterprise application, API development, eg: OAuth2, SAML, Tokenization etc. Responsible for designing, developing, and maintaining complex API architecture framework solutions that meet the requirements as well as adhering to established architectural principles, standards, and patterns. Advanced skill in Secure Software development lifecycle (SSDLC) methodology and Work with DevOps engineers to integrate new code into existing continuous integration (CI) and continuous delivery/deployment (CD) pipelines Deep understanding of security vulnerabilities, exploits application infrastructure, APIs etc Familiarity with OWASP, SANS and other coding guidelines Knowledge of Cyber kill chain (MITRE), Threat Modelling (STRIDE), NIST framework Experienced in security of middleware tools such as Service oriented architecture (SOA) Web architecture Ensure compliance with relevant security standards and regulations (e.g., ISO 27001, NIST). Strong analytical and problem-solving skills. Provide guidance and mentorship to junior security team members.
