Information Security Architect

Key Responsibilities:

Security Architecture Review & Threat Modeling:

• Conduct security architecture reviews for applications, cloud environments, and IT systems to identify risks.
• Perform threat modeling (e.g., STRIDE, PASTA, MITRE ATT&CK, DREAD) to assess potential attack vectors and weaknesses.
• Analyze authentication, encryption, and access control mechanisms within application and system architectures.
• Review security controls against industry standards and organizational policies (e.g., NIST, ISO 27001, OWASP, CIS Controls, TISAX).
• Provide secure design recommendations to mitigate identified risks.

Application & Cloud Security Assessment:

• Assess web, mobile, and cloud-based applications for security risks and misconfigurations.
• Evaluate API security, microservices architectures, and containerized environments for vulnerabilities.
• Validate implementation of IAM, Zero Trust, network segmentation, and encryption standards.

Security Risk & Compliance Evaluation:

• Identify security gaps in applications and infrastructure and recommend compensating controls.
• Ensure compliance with GDPR, SOC 2, PCI-DSS, ISO 27001, TISAX, and other relevant security frameworks.

Collaboration & Reporting:

• Create comprehensive reports detailing identified risks, mitigation strategies, cloud specific controls, data flow diagram, trust zones, and improvement recommendations.
• Collaborate with stakeholders to develop and refine the enterprise security architecture and threat modeling strategies.

Qualifications & Experience:

• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• 3+ years of experience in security architecture review, threat modeling, and risk assessment.
• Strong expertise in threat modeling frameworks such as STRIDE, PASTA, MITRE ATT&CK, OWASP ASVS.
• Knowledge of cloud security (AWS, Azure, GCP), API security, and microservices architecture.
• Familiarity with IAM, Zero Trust, MFA, RBAC, PAM, and network security principles.
• Experience in secure SDLC, DevSecOps, and security assessment.
• Hands-on experience with security assessment tools (e.g., Microsoft Threat modeling, Microsoft Visio).
• Understanding of penetration testing methodologies, security misconfigurations, and application security risks.

Preferred Certifications:

• CISSP (Certified Information Systems Security Professional)
• CSSLP (Certified Secure Software Lifecycle Professional)
• CCSP (Certified Cloud Security Professional)
• AWS/Azure Security Certifications
• CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional)

Location and way of working

• Base location: Bangalore, Chennai, Mumbai, Pune & Hyderabad
• This profile involves frequent travelling to client locations.