Information Security Architect
DeloitteIndia14 hours ago
Full-timeOther
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Key Responsibilities:
Security Architecture Review & Threat Modeling:
- Conduct security architecture reviews for applications, cloud environments, and IT systems to identify risks.
- Perform threat modeling (e.g., STRIDE, PASTA, MITRE ATT&CK, DREAD) to assess potential attack vectors and weaknesses.
- Analyze authentication, encryption, and access control mechanisms within application and system architectures.
- Review security controls against industry standards and organizational policies (e.g., NIST, ISO 27001, OWASP, CIS Controls, TISAX).
- Provide secure design recommendations to mitigate identified risks.
Application & Cloud Security Assessment:
- Assess web, mobile, and cloud-based applications for security risks and misconfigurations.
- Evaluate API security, microservices architectures, and containerized environments for vulnerabilities.
- Validate implementation of IAM, Zero Trust, network segmentation, and encryption standards.
Security Risk & Compliance Evaluation:
- Identify security gaps in applications and infrastructure and recommend compensating controls.
- Ensure compliance with GDPR, SOC 2, PCI-DSS, ISO 27001, TISAX, and other relevant security frameworks.
Collaboration & Reporting:
- Create comprehensive reports detailing identified risks, mitigation strategies, cloud specific controls, data flow diagram, trust zones, and improvement recommendations.
- Collaborate with stakeholders to develop and refine the enterprise security architecture and threat modeling strategies.
Qualifications & Experience:
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
- 3+ years of experience in security architecture review, threat modeling, and risk assessment.
- Strong expertise in threat modeling frameworks such as STRIDE, PASTA, MITRE ATT&CK, OWASP ASVS.
- Knowledge of cloud security (AWS, Azure, GCP), API security, and microservices architecture.
- Familiarity with IAM, Zero Trust, MFA, RBAC, PAM, and network security principles.
- Experience in secure SDLC, DevSecOps, and security assessment.
- Hands-on experience with security assessment tools (e.g., Microsoft Threat modeling, Microsoft Visio).
- Understanding of penetration testing methodologies, security misconfigurations, and application security risks.
Preferred Certifications:
- CISSP (Certified Information Systems Security Professional)
- CSSLP (Certified Secure Software Lifecycle Professional)
- CCSP (Certified Cloud Security Professional)
- AWS/Azure Security Certifications
- CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional)
Location and way of working
- Base location: Bangalore, Chennai, Mumbai, Pune & Hyderabad
- This profile involves frequent travelling to client locations.
Key Skills
Ranked by relevanceReady to apply?
Join Deloitte and take your career to the next level!
Application takes less than 5 minutes