Job Description
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Application Security Architecture and Design
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: We are looking for a Technical Lead with strong expertise in Application and Infrastructure Security to lead a suite of security services including vulnerability management, application security testing (SAST/DAST), and penetration testing. This role is ideal for someone who can not only execute and review security assessments but also manage tools, provide technical direction to a delivery team, and act as a trusted advisor to the client on security best practices.
Roles & Responsibilities:
- Lead the delivery of application and infrastructure security services including:
  - Dynamic Application Security Testing (DAST)
  - Static Application Security Testing (SAST/SCA)
  - Web & API Penetration Testing
  - Mobile Application Security Testing
  - Infrastructure Vulnerability Management (IVM)
- Oversee scan scheduling, execution, validation, and reporting.
- Drive the reduction of false positives and enhance detection accuracy.
- Ensure timely delivery of security testing activities aligned with client SLAs.
- Perform automated and manual security scans for applications and infrastructure.
- Validate findings, analyze root causes, and prioritize remediation based on risk.
- Provide technical recommendations to development, DevOps, and infrastructure teams.
- Align findings with recognized standards (e.g., OWASP Top 10, CVSS, CWE).
- Administer and optimize usage of security tools including but not limited to:
  - WebInspect, Veracode, Burp Suite, Custom Scripting Tools
  - GitLab, ServiceNow Security Modules
  - Datadog Security Explorer, OpenShift ACS
- Tune and maintain tool configurations, scan profiles, and dashboards.
- Track scan volumes, issue lifecycle, and performance KPIs.
- Deliver dashboards and executive-level reports on security posture.
- Support audit, compliance, and client reporting needs.
- Team Collaboration & Stakeholder Management
  - Provide technical direction and mentorship to the delivery team.
  - Liaise with client teams, application owners, and platform SMEs.
  - Ensure effective communication across stakeholders for testing, issue triage, and remediation.

Professional & Technical Skills:
- Experience in Cybersecurity, with specialization in Application Security and Vulnerability Management.
- Strong technical knowledge of SAST/DAST tools (e.g., Veracode, WebInspect).
- Hands-on experience in penetration testing of web, mobile, and API-based applications.
- Familiarity with infrastructure scanning and vulnerability remediation practices.
- Strong understanding of secure SDLC, OWASP Top 10, SANS Top 25, and risk classification models (CVSS, CWE).
- Experience working in global delivery teams, preferably in a client-facing role.

Preferred Certifications
- CEH / OSCP / GWAPT / CISSP / CSSLP, Veracode Certified Specialist or equivalent, Vendor certifications on WebInspect, Burp Suite, GitLab Security
- Knowledge of cloud security principles (Azure/AWS/GCP)
- Familiarity with container security and DevSecOps tooling
- Exposure to automated CI/CD security integrations

Additional Information:
- The candidate should have minimum 5 years of experience in Application Security Architecture and Design.
- This position is based at our Gurugram office.
- A 15 years full time education is required.

Qualification
15 years full time education