116 Security Architecture Jobs - Page 3

Agile and DevOps Security Architect Release Management | Quality Control & Assurance | Change Management | Audit Management |GRC Governance Risk and Compliance | Tech and Cyber security Risk Assessments | Risk Management & Mitigation | Resilience and Business Continuity| Incident Management | Information System Audit | Vendor Management | Project Management | Application Security| Governance and Reporting | Process Enhancement Plans| Team Management| Service Delivery| Service Assurance | Project Management| Threat Modeling

Job Description Job title: Senior Software Technologist - Security u00A0 Your role: u2022 Utilizes specialized knowledge to manage and address a diverse range of security issues and projects within the team, applying in-depth expertise to identify, analyze, and resolve complex security challenges, ensuring effective solutions and enhanced protection for the organization. u2022 Works under limited supervision and broad guidelines, using independent judgment to make decisions on significant compliance matters and navigate complex situations effectively. u2022 Examines potential security breaches by assessing the nature and scope of the threat, coordinate an effective response to mitigate immediate impacts, and recommend comprehensive corrective actions to address identified vulnerabilities. u2022 Identifies key performance indicators (KPIs) for information security, providing detailed reports and analysis to assess the effectiveness of security measures, and ensure alignment with organizational security objectives. u2022 Tracks service levels related to information security, providing detailed analyses and reports on security service performance, incidents, and issues to ensure optimal security operations and compliance with established standards. u2022 Monitors the health and performance of security services, investigating incidents and driving their resolution, coordinating with vendors and other stakeholders to ensure effective service execution and mitigate security issues. u2022 Assists in the evaluation of both new and existing applications by participating in security reviews, ensuring that they meet established security standards and identifying potential vulnerabilities that need to be addressed. u2022 Reviews security policies, procedures, and related documentation to ensure effectiveness, incorporate best practices, address emerging threats, and align with organizational needs and compliance requirements, maintaining a robust and adaptive security framework. u2022 Develops effective relationships with internal teams and external partners to collaboratively resolve security-related issues, refine procedures, and enhance security outcomes in alignment with organizational goals. You're the right fit if: Bachelor's / Master's Degree in Computer Science, Information Technology, Cybersecurity or equivalent. Minimum 8-10 years of experience in areas such as Security Architecture, Network Security, Cybersecurity Technology, Information Security or equivalent Experience in cloud and/or application security Possess strong knowledge of cloud architectures and security best practices Hands-on experience with Infrastructure as Code tools, particularly Terraform Show proficiency in secure coding practices and OWASP Top 10 Have at least one hands on experience participating in security compliance (industry regulation, ISO27001, SOC2) R elevant cloud security certifications (e.g., CCSP, AWS Security) E xperience with healthcare industry security requirements Expertise in cloud-native security tools Strong open source culture, and u201Cautomation firstu201D mindset. Autonomous, rigorous, team-oriented, and driven by meaningful projects. How we work together We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the companyu2019s facilities. Field roles are most effectively done outside of the companyu2019s main facilities, generally at the customersu2019 or suppliersu2019 locations. Indicate if this role is an office/field/onsite role. About Philips We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others. u2022 Learn more about . u2022 Discover . u2022 Learn more about . If youu2019re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care .

The ServiceNow Engineer/Consultant role based in Gurgaon, India is a senior position with diverse responsibilities within the ServiceNow organization. As a key point of escalation on site, you will be tasked with owning specific modules within the ServiceNow platform and serving as a Subject Matter Expert for various tools such as ITSM, Discovery, Event Management, SPM, IntegrationHub, Midservers, and other coding languages and security protocols. Your primary duties will include building platform capabilities using Flow Designer, custom code, and integrating with external systems. You will be required to actively work on platform tickets and incidents as they arise, ensuring the stability and security of the Instance. Additionally, part of your role will involve brainstorming and implementing new capabilities while providing training to existing staff for continuous learning and development. To excel in this position, you should possess a solid understanding of ServiceNow functionalities related to ITSM, ITOM, SPM, ServiceWatch, Midserver, and security architecture for SaaS platforms. Your expertise should extend to configuring base capabilities and demonstrating platform integration models effectively. Furthermore, you should have strong collaboration skills to work effectively within the team and manage multiple workstreams efficiently. Clear communication of expectations and project status is essential, along with the ability to mentor junior team members globally. Your success in this role will also be measured by your capability to deliver comprehensive documentation and training materials on various aspects of ServiceNow capabilities, ensuring knowledge transfer and skill enhancement across the team.,

As an AI Automation Solution Architect/Lead with a background in infrastructure, you will play a crucial role in designing, leading, and implementing advanced AI-driven automation solutions to enhance our infrastructure, operations, and business processes. Your responsibilities will include creating scalable, secure, and high-performing automation initiatives that leverage AI/ML technologies and enterprise-grade IT infrastructure. You will lead the design and architecture of AI-powered automation solutions, focusing on infrastructure automation, AIOps, intelligent process automation, and self-healing systems. Your role will involve defining technical roadmaps, blueprints, and reference architectures that align with enterprise architecture and business objectives. Additionally, you will evaluate and select AI/ML models, tools, platforms, and infrastructure technologies to meet solution requirements effectively. In this position, you will provide technical leadership and mentorship to development, MLOps, and infrastructure teams, guiding them on best practices for AI automation, infrastructure as code, and cloud-native architectures. You will drive the adoption of modern engineering practices, advise stakeholders on the feasibility of AI automation technologies, and identify opportunities to leverage AI and automation for operational efficiency and innovation. Collaboration with infrastructure teams, clear communication of technical concepts to diverse audiences, and the management of vendor relationships will be essential aspects of your role. You will have the opportunity to contribute to the development of organizational standards, policies, and governance frameworks for AI automation, ensuring alignment with industry best practices. To qualify for this role, you should hold a Bachelor's or Master's degree in Computer Science, Engineering, Information Technology, or a related field, along with 18+ years of experience in IT, including a minimum of 5 years in a solution architecture or lead role focused on automation, infrastructure, or cloud. Proficiency in cloud platforms, infrastructure components, Infrastructure as Code tools, and programming languages commonly used in AI/ML and automation is required. Strong communication, presentation, and interpersonal skills are essential for success in this position. Preferred qualifications include experience with specific AI automation platforms, certifications in cloud architecture, understanding of ITIL, DevOps, and Agile methodologies, and familiarity with enterprise-level security practices and compliance frameworks. In this role, you will have the opportunity to work with cutting-edge AI and automation technologies, collaborate in an innovative work environment, receive a competitive salary and benefits package, and access professional development and growth opportunities. Your contributions will have a significant impact on the company's operational efficiency and strategic direction.,

About Gameskraft: Established in 2017, Gameskraft is recognized as one of India's fastest-growing companies, dedicated to building the world's most-loved online gaming ecosystem. Founded by a team of enthusiastic gamers, we have expanded from a small group of 5-6 members to a large family of 600+ Krafters based in our office at Prestige Tech Park, Bangalore. Our primary focus is on creating a safe, secure, and responsible gaming environment for all users. With a vision to deliver unparalleled experiences consistently, we are committed to setting industry-leading standards in design, technology, and user experience. Gameskraft is proud to be the only ISO 27001 and ISO 9001 certified company in the industry. About the Role: Gameskraft is currently seeking a highly skilled Lead Information Security Engineer to spearhead the design, implementation, and management of the organization's security architecture. As a Lead Information Security Engineer, you will collaborate with cross-functional teams, playing a crucial role in safeguarding our critical information assets. Your expertise will be instrumental in enhancing our security posture, ensuring compliance with industry standards, and staying vigilant against emerging threats. Key Responsibilities: 1. **Security Architecture and Strategy:** Design, implement, and uphold the enterprise security architecture. Enforce security policies, standards, and best practices. Evaluate and deploy security tools and technologies to mitigate risks. 2. **Incident Response and Threat Management:** Lead the investigation and resolution of security incidents and breaches. Develop and maintain incident response plans. Conduct threat modeling, vulnerability assessments, and penetration testing. 3. **Risk Management and Compliance:** Perform risk assessments and recommend mitigations to minimize exposure. Ensure compliance with regulatory frameworks and standards (e.g., ISO 27001, NIST, GDPR, PCI DSS). Collaborate with legal, compliance, and audit teams to address security-related requirements. 4. **Leadership and Team Development:** Guide and mentor a team of security engineers and analysts. Cultivate a culture of security awareness throughout the organization. Collaborate with IT and development teams to integrate security into the DevSecOps lifecycle. 5. **Stakeholder Collaboration:** Serve as the primary security liaison for stakeholders, including executives, customers, and external auditors. Communicate security risks and recommendations to non-technical audiences. Partner with product and engineering teams to incorporate security into all development stages. Qualifications and Skills: - **Education and Experience:** Bachelor's degree in Computer Science, Information Security, or a related field. Minimum of 5-7 years of information security experience, with at least 2 years in a senior role. - **Certifications:** Preferred certifications include CISSP, CISM, CISA, CEH, or equivalent. - **Technical Expertise:** Profound knowledge of security frameworks (e.g., NIST, ISO 27001, CIS Controls). Proficiency in security tools like SIEM, IDS/IPS, firewalls, DLP, and endpoint protection. Expertise in cloud security (AWS, Azure, GCP) and container security. Understanding of cryptography, secure coding practices, and network security protocols. - **Soft Skills:** Strong problem-solving and analytical skills. Exceptional communication and stakeholder management abilities. Work Culture: Gameskraft offers a true startup culture characterized by youth, a fast-paced environment, and a focus on personal ownership of challenges that promote rapid growth. Innovation, data orientation, result-driven mindset, pursuit of ambitious goals, and adaptability are central to our work culture. We foster a high-performance, meritocratic setting where idea sharing, debates, and collective growth are encouraged with each new product. Employees can expect to make a significant impact through solving dynamic challenges, leveraging technology, and analytics, and collaborating with cross-functional teams to deliver exceptional products to the market. Compensation & Benefits: Gameskraft provides an attractive compensation package alongside ESOP benefits. Employees receive a medical insurance cover of INR 5 lakh for themselves and their family, fair and transparent performance appraisals, a car lease policy, relocation benefits, and access to a vibrant office space with fully stocked pantries. Additionally, lunch is provided. If you are passionate about creating exceptional user experiences, possess strong leadership skills, and have a proven track record of successful data science, we invite you to apply for this exciting opportunity. Gameskraft is committed to fostering equal employment opportunities and building an inclusive work environment where every individual can thrive. Together, we can achieve more!,

As an Operational Technology (OT) Cybersecurity Leader at Agratas, a subsidiary of Tata Sons, you will play a crucial role in ensuring the security and resilience of our organization's operational technology systems. With a minimum of 8 years of experience in the OT security domain, you will lead the development and implementation of OT cybersecurity strategies, policies, and controls to protect our industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, and other critical infrastructure. Your key responsibilities will include developing and implementing OT cybersecurity strategies aligned with business objectives and regulatory requirements in India and the UK. You will conduct risk assessments of OT systems, design security controls and monitoring solutions, and lead incident response and recovery efforts in case of security incidents. Additionally, you will be responsible for raising awareness of OT cybersecurity risks, ensuring regulatory compliance, managing relationships with vendors and third-party providers, and designing OT security architectures. To be successful in this role, you must have extensive experience in OT cybersecurity, a strong understanding of OT protocols, standards, and technologies, and experience with risk assessment methodologies specific to OT environments. Excellent leadership, communication, analytical, and problem-solving skills are essential, along with the ability to collaborate effectively with cross-functional teams and OT personnel. A Bachelor's degree in Information Security, Computer Science, or a related field is required, while advanced degrees or relevant certifications such as GICSP, CISSP, or ISA/IEC 62443 are preferred. If you are passionate about cybersecurity, have a strong technical background, and are looking to make a significant impact in the green growth and technological progress sectors, we invite you to apply for this challenging and rewarding opportunity at Agratas.,

Responsibilities: . The Security Consultant should have a strong understanding of the emerging security practices and standards. Should be able to consult, engineer and apply security best practices while designing and proposing solutions to our enterprise customers. Should be able to conduct system security, vulnerability analysis and risk assessment, identify security gaps, identify integration issues, study architecture/platform and design security architecture. A Cloud Native Security Consultant undertakes complex work of a high-risk level, often working on several projects. In this role, you will: Interact with senior stakeholders across departments Reach and influence a wide range of people across larger teams and communities Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate design decisions Develop vision, principles, and strategy for security architects for one project or technology Work out subtle security needs Understand the impact of decisions, balancing requirements and deciding between approaches Produce patterns and support quality assurance Be the point of escalation for architects in lower-grade roles Lead the technical design of systems and services Qualifications/Experience: . Bachelors degree in any stream. Minimum 3 years of working experience in Cyber Security Consulting or Advisory. Successfully delivered at-least 2 (two) Cyber Security consulting and implementation projects as consultant in recent years (2 years). Certification: Preferred Certification: GIAC Cloud Security Automation (GCSA) Certified Kubernetes Security Specialist (CKS) Certified DevSecOps Professional (CDP) KUBERNETES AND CLOUD NATIVE ASSOCIATE (KCNA) OEM certification on CNAPP security products (e.g., Palo Alto Prisma, Checkpoint Cloudguard, Aqua Security etc.) Cloud Service Provider Security Certificates (e.g., SC-100, AWS Certified Security-Specialty, GCP Professional Cloud Security Engineer) Pen Tester certification (LPT/ OSCP/GPEN) Certified Security - Specialty Certification should be valid Responsibilities Below will be the scope of the role Collaborate with teams to build & deliver solutions implementing serverless, microservices based, IaaS, PaaS and containerized architecture of multi cloud environment Develop rule base and parameterized IaC templates for automated deployment using Terraform Build CI/CD Pipeline using AWS (CodeBuild, CodeDeploy, CodePipeline), Google (Cloud Build), Azure (DevOps, Pipelines) Integrate 3rd party tool with CICD Process (e.g. SonarQube, CheckMarx, Embold) Config Manage environment using industry standard DevOps tools (Ansible) Implement scripting to extend build\deployment\monitoring process (PowerShell, Bash, Python) Ability to develop IaC with Terraform Strong understanding on Cloud Networking Container, Microservices, Docker, Kubernetes security. Network Security Orchestration on Microservices environment Secure Microservice Communication, Secure Authentication to Common DB without API/password/sharing keys Technical documentation, Product evaluation, POC. Implementation, Migration and Architect of Security Technology and Solution DevOps, DevSecOps and SRE (site reliability Engineering) mindset Knowledge and Skills . Candidate should have experience in the below domains Hands on experience with Cloud Native Application protection CNAPP Tools (Prisma Cloud by Palo Alto, Checkpoint Cloud Guard, Aqua Security) Hands on experience with Automation Tools (e.g., Ansible, Chef, Puppet) Experienced with Application migration from Monolithic to Microservices Architecture Web Application Firewall implementation experience at Kubernetes and API Gateway Experience with implementation of Vulnerability scanner and Container Image repository hardening Well depth understanding on AWS, AZURE, GCP offered services (EKS, AKS, GKE) Understanding and review of Infrastructure as Code (IaC), Compliance as Code (CaC) Updated with trends and participation of industry recognized forum (e.g., Cloud Native Computing Foundation) Experienced with deliverables on Cloud Security Posture Management, Cloud Workload Protection, Cloud Infra Entitle Management, Serverless Security Application Security testing for Web and Mobile as SAST/DAST/IAST approach (Fortify, Veracode, Burp Suite) Secure Code review, Open-Source validation (Gitlab, Coverity, SonarQube, Black Duck) Well versed with OWASP Top10 and SANS top 25 Vulnerabilities and remediation Well understanding on PTES (Penetration Testing Execution Standard) and Testing. Well understanding Software Security Framework (e.g., BSIMM, SAMM) Good written & verbal communication and analytical skills. Good documentation skills. Good problem-solving skills.

Responsibilities: * Ensure compliance with regulatory requirements * Manage firewall configurations & updates * Lead network security strategy development * Oversee SIEM implementation & monitoring

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself and a better working world for all. As part of our EY-GDS GRC Technology team, you will drive complex GRC Technology SAP Security engagements and help solve broader risks through solution implementation. You will be the SMR to recommend, design, develop, document, test, and debug new and existing implementations and/or applications for internal use, for difficult business problems. In addition, participate in solution designing and consult with business clients/onsite team to understand and meet business needs, and achieving business and technology initiatives. The opportunity We're looking for people with expertise in SAP Security to join our EY-GDS GRC Technology Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of the service offering. Your Key Responsibilities Actively aid the team in different phases of the project including problem definition, effort estimation, diagnosis, solution generation, design, and deployment for SAP ERP & GRC solutions. Act as a project lead/assist the lead in successful execution of the project (estimation, reviews, customer satisfaction, etc.). Ability to work effectively as a team lead and member, share responsibility, provide support, maintain communication, update senior team members on progress, and mentor the team. Train and coach junior team members on the project and drive project tasks/activities. Help drive quality within the deliverables for self and junior team members. Help prepare responses to RFP, create POCs for client demonstrations. Demonstrate a detailed knowledge of market trends, competitor activities, EY products, and service lines. Identify and lead automation initiatives to improve efficiency in engagements. Understand, analyze the requirements, allocate tasks, and update status reports. Prepare project documentation and procedures. Ensuring adherence to the software development life cycle while working on projects. Skills And Attributes For Success Strong communication, presentation, and team-building skills and experience in producing high-quality reports, papers, and presentations. Foster teamwork, quality culture, and lead by example while training and mentoring juniors. Inculcate a positive learning culture and support the learning agenda for self and team. To qualify for the role, you must have CA/MBA/M.Sc./B.Tech with a minimum of 3 - 7 years of consulting/auditing experience. Experience in 2-4 end-to-end implementation projects with at least one full cycle S4 HANA transformation project. Rich experience in SAP security design and configuration for multiple applications like ECC, BW, SRM, Portal, S4HANA, Fiori, BPC, and Success Factors. Understanding of business processes, controls frameworks, compliances and regulations, and segregation of duty concepts in an SAP ERP environment. Understanding of SAP security processes, security architecture, and administration. End-to-end implementation experience of SAP GRC access controls (access request management, business role management, emergency access management, access risk analysis, user access review, and SOD review) and deployments. Good understanding of functional processes to drive ruleset and controls framework design within GRC access control. Good exposure to benchmarking and remediation activities for GRC rulesets. Stronghold on the basic SAP landscape, transport system, and version compatibility concepts. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of a market-leading, multi-disciplinary team of 1400+ professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around. Opportunities to develop new skills and progress your career. The freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

You will be part of a global and diverse community at American Express, where you will have the opportunity to contribute to the company's success and work in an environment that values integrity and inclusivity. As a member of the U.S. Consumer Services and Enterprise Digital & Data Technology Team, you will play a key role in developing technology capabilities that enhance digital engagement and support various business lines and customer segments. In this role, you will be responsible for Business Process Management architecture, focusing on increasing adoption of automation platforms, delivering technology products, and providing innovative solutions. You will spend 25% of your time on hands-on technical projects, analyzing and recommending solutions based on research and introspection. Your responsibilities will include designing and leading solutions, ensuring alignment with enterprise architecture standards, and collaborating with engineering teams to implement solutions that drive measurable business improvements. To succeed in this role, you should have a minimum of 10 years of engineering or architecture experience, with a strong background in designing and deploying enterprise-grade technology assets. A bachelor's degree in computer science or a related field is required, and an advanced degree is preferred. You should have deep knowledge of architectural disciplines and experience in introducing new technologies based on research. Proficiency in technology architecture, containers, cloud management, and COTS product evaluation is essential, along with the ability to write, read, and debug code. Preferred qualifications include experience in delivering technology products for enterprise scale, exposure to AI technologies, and expertise in service-oriented architecture and microservices architecture. You should also have experience with high-throughput messaging technologies and channel-specific architecture skills. American Express offers competitive salaries, bonus incentives, and comprehensive benefits to support your holistic well-being, including medical, dental, vision, life insurance, and disability benefits. You will have access to career development opportunities and flexible working arrangements based on business needs. Join Team Amex and be part of a team that values your contributions and supports your professional growth and personal well-being.,

As a PS Consultant (XDR), you will be responsible for providing expert-level remote consultation and support in the network and security domain to leading global clients. Your primary role will involve implementing, supporting, and optimizing EDR/XDR and security solutions while closely collaborating with customers and internal account teams. Desired Profile: Education: - BE/BTech in Computer Science or equivalent. Experience: - You should have 6-8 years of experience in remote support/consultation for network and cybersecurity, with a strong focus on EDR/XDR solutions. Technical Skills: - Possess an advanced understanding of internetworking, LAN/WAN, and routing protocols. - Strong knowledge of Remote Access VPNs, IPSEC, PKI & SSL, TCP/IP, and authentication protocols (LDAP, RADIUS). - Proficiency in firewall configuration, installation, and operations. - Hands-on experience with EDR and XDR platforms is mandatory. - Experience with endpoint security, multi-factor authentication systems, and security architecture. - Familiarity with cloud technologies like AWS, Azure, VMware NSX (a plus). - Strong troubleshooting skills for NAT, IPSEC VPNs, and understanding their impact on applications/users. - Exposure to products from Cisco, Palo Alto, Fortinet, Checkpoint, and Juniper is preferred. Consulting Skills: - Excellent written and verbal communication skills. - Strong customer-facing and problem-solving abilities. - Ability to manage multiple projects and priorities in a fast-paced, global environment. - A self-starter who thrives both individually and within a team. Why Join Us - Work with a globally recognized team on large-scale enterprise projects. - Gain exposure to cutting-edge technologies in cybersecurity and cloud. - Be a part of an agile, collaborative, and inclusive work culture. Ready to make an impact Apply now or share your resume at tulika.mukherjee@kerol.in. Tag someone who fits this role or Share This Opportunity!,

Inviting applications for the role of Principal Consultant - Solution Architect ASRB Security Engineer An ASRB is a governing organization that examines and confirms compliance for hardware and software projects, both new and updated. The aim of the ASRB is to convey business requirements to interested parties and encourage uniform technology stacks and designs among cloud initiatives. Responsibilities : . Experience in managing the Security Architecture engagement review request. . Work directly with application teams and solution architects to review proposed architectures to ensure alignment with approved design patterns and security control requirements. . Recommend and/or approve designs and/or platform services which align with defined best practices. Provide list of security recommendations to the application team based on the architecture/security review checklist provided. . Prepare Architecture & Security Review Board (ASRB) and/or Architecture Design Review (ADR) artifacts ensuring inclusion of necessary project information and architectural diagrams sufficient to disposition the design proposal, working collaboratively with the application team and solution architect. . Hosting and/or supporting Cyber in these meetings with an intent, to strategically assess project proposals containing network, cloud platform/services and application architecture, with a purpose of identifying and highlighting both cyber risk and compliance control gaps that the project teams will then have to remediate prior to project go-live. . Document security gaps or non-compliant patterns/components (i.e., ports/protocols/services/integrations) and track these to closure with the application teams. . Develop and Maintain Security Standards for Azure/AWS Cloud Services . Cloud Security Configuration and management, rules creation and configuration . Good years of experience in Infrastructure Security and Operations . Good years of experience in Securing AWS Cloud . Mandatory knowledge off foundation Cloud Services Compute, Database, Network, Security Groups, Network Access List (NACL), Firewall rules and Storage. . Understand threat modelling of applications. . Knowledge of AZURE AND AWS products and services: EKS, S3, SQS, SNS, Cloud Watch, Elastic Cache, Kinesis, Cloud Trail, KMS, WAF, Guard Duty, IAM, Lambda, Connect, RDS . Knowledge of AZURE AND AWS products and services: AZURE AND AWS AD, VM, BLOB, Key Vault, Log Analytics, Monitor, AZURE AND AWS Databases (SQL, PostgreSQL, MySQL), Key Vault, Security Center, Activity log . Security certifications from AWS/Azure. . Understand latest trends. . Understand top key risks. . Have Strong Knowledge in Networking in Cloud. . Strong communication and written skills . Experience creating technical documentation. . Hands on experience Securing solutions on Azure/AWS . Knowledge of security controls for the public cloud . Knowledge of Industry Security standards (HIPPA, SOX, PCI-DSS) . Knowledge of Compliance standards (NIST, CIS) . Securing Linux and Windows OS . Experience with Open-Source Cloud and configuration management tools (Terraform Ansible, etc.) . Experience with alternate cloud providers (e.g. AWS) Qualifications we seek in you! Minimum qualifications / Skills Bachelor%27s Degree required. Preferably in Computer Science, Information Systems, or related field Preferred qualifications / Skills Very good written and presentation / verbal communication skills with experience of customer interfacing role. In-depth requirement understanding skills with good analytical and problem-solving ability, interpersonal efficiency, and positive attitude. . . . . . .

As a Security Architect & Engineer, you will play a crucial role in designing secure architectures, implementing effective security controls, and supporting security operations across IT and cloud environments. Your responsibilities will involve creating long-term security strategies aligned with business goals, evaluating security technologies, and ensuring compliance with regulatory requirements. In the realm of Security Architecture, you will be tasked with designing secure and scalable architectures that seamlessly integrate with existing IT systems. Your role will also involve recommending security technologies, frameworks, and practices across IT, OT, and cloud environments. Implementing access control and identity management measures will be essential, including least privilege, RBAC, MFA, and SSO controls. In terms of Security Engineering, you will apply secure configuration baselines and automation across operating systems, databases, and cloud environments. Supporting security and vulnerability assessments, assisting in patch implementations, and promoting infrastructure-as-code and DevSecOps practices will also fall under your purview. Your involvement in Security Operations will require collaboration with SOC and IT teams to detect, investigate, and respond to security incidents. To enhance security measures, you will support threat hunting, root cause analysis, and the evolution of incident response and disaster recovery plans. Regarding Risk, Compliance & Governance, you will be responsible for identifying and mitigating security risks associated with IT systems. Developing security policies, conducting risk assessments, ensuring compliance with frameworks and regulations, and providing security input into vendor assessments will be crucial aspects of your role. In terms of Collaboration & Communication, you will act as a trusted advisor to internal teams on security best practices and secure solution design. Your ability to translate complex security topics into actionable guidance for technical and business stakeholders will be paramount. To qualify for this role, you should hold a Bachelor's degree in Information Security, Computer Science, or a related field, along with 8-12 years of cybersecurity experience. Strong knowledge of cloud security services, regulatory compliance requirements, IAM concepts, and relevant certifications are required. Additionally, experience with SIEM, EDR, vulnerability scanners, and cloud-native controls is essential. While not mandatory, advanced knowledge in cloud security architecture, experience with automation tools, and relevant certifications like CISSP, CISM, or CEH would be advantageous. This position may offer remote work options and will involve collaboration with diverse teams in a dynamic environment, providing you with the opportunity to contribute to critical security initiatives.,

As an Operational Technology (OT) Cybersecurity Leader at Agratas, you will play a crucial role in ensuring the security and resilience of our organization's operational technology systems. With a minimum of 8 years of experience in the OT security domain, you will be responsible for securing industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, and other critical infrastructure. Your deep understanding of OT cybersecurity principles and strong leadership skills will be essential in securing OT environments. Your key responsibilities will include developing and implementing an OT cybersecurity strategy aligned with business objectives and regulatory requirements in India and the UK. You will define policies, procedures, and standards for securing OT systems and infrastructure, conduct risk assessments to identify vulnerabilities and threats, and implement risk management strategies to mitigate risks effectively. Designing and deploying security controls and monitoring solutions to protect OT systems from cyber threats, as well as developing incident response plans and procedures specific to OT environments will be part of your role. You will also be responsible for raising awareness of OT cybersecurity risks among stakeholders, providing training on security policies and controls, and ensuring compliance with regulatory requirements and industry standards. Managing relationships with vendors and third-party providers, conducting security assessments, and collaborating with OT engineers to integrate security controls into systems are critical aspects of the role. Your extensive experience in OT cybersecurity, knowledge of OT protocols and technologies, and strong analytical skills will be invaluable in identifying and mitigating OT security risks effectively. Ideally, you will hold a Bachelor's degree in Information Security, Computer Science, or a related field, along with relevant certifications such as GICSP, CISSP, or ISA/IEC 62443. Your role at Agratas will involve working collaboratively with cross-functional teams and OT personnel to ensure the security and resilience of our operational technology systems.,

You will be responsible for conducting application security reviews for Web, Mobile (Android and iOS), and API technologies. Your role will involve assessing and identifying potential vulnerabilities in the technology being developed before implementation. You should have expertise in application security testing methodologies such as SAST, DAST, and MAST, with experience in web application, API security, and mobile application security testing according to industry standards like OWASP top 10, SANS top 25, etc. It would be beneficial to have knowledge of programming and scripting languages such as Java, JavaScript, Angular, Spring Boot, Kotlin, and Swift. Familiarity with tools like Burp Suite, Postman, SoapUI, Checkmarx, Netsparker, Nexus IQ, Kryptowire for security testing and analyzing scanned reports is essential. Moreover, a strong understanding of application security tooling and experience in driving automation within the delivery environment is required. You must hold industry-recognized Information Security and Cyber Security qualifications such as CISSP, CISA, OSCP, GIAC GPEN, GIAC GMOB. A deep understanding of security industry trends, major vulnerabilities, and security threat landscape is crucial. Knowledge of Zero Trust security principles and practical implementations is necessary. While a degree is desirable, it is not mandatory. Experience in supporting major programs, security architecture, creating security designs, and displaying positive leadership behaviors related to risk management and mitigation is expected. Proficiency in collaboration tools like SharePoint, Teams, Confluence, and JIRA is advantageous. Hands-on experience in working with DevOps and Agile teams to incorporate security in the software development lifecycle is a key requirement. Additionally, experience in application risk assessment, threat modeling, and working closely with delivery teams for security risk remediation is important. About the Company: Purview is a leading Digital Cloud & Data Engineering company with headquarters in Edinburgh, United Kingdom and a presence in 14 countries including India, Poland, Germany, USA, UAE, Singapore, Australia, among others. The company provides services to Captive Clients and top-tier IT organizations, delivering solutions and resources to clients worldwide. Company Information: Purview Services 3rd Floor, Sonthalia Mind Space Near Westin Hotel, Gafoor Nagar, Hitechcity, Hyderabad Phone: +91 40 48549120 / +91 8790177967 Gyleview House, 3 Redheughs Rigg South Gyle, Edinburgh, EH12 9DQ Phone: +44 7590230910 Email: careers@purviewservices.com Login to Apply!,

As a key member of the team reporting to the RingCentral CISO, you will collaborate closely with local leadership to lead and orchestrate day-to-day tasks and business initiatives. Your primary responsibility will be to oversee and lead the local Security Operations, Compliance, Application Security, and Trust teams in India. Your role will involve developing and implementing security policies and procedures to safeguard the organization's data and systems effectively. You will lead security teams and coordinate efforts across various departments in multiple regions, ensuring compliance with relevant global and in-country regulations and standards. Additionally, you will drive vendor risk management, customer trust programs, and oversee security operations-related programs like incident response, vulnerability management, and threat intelligence. Furthermore, you will be responsible for maintaining solutions for firewalls, WAFs, IDS/IPS, and endpoint security infrastructure. Your role will also involve leading security engineering efforts to design and implement secure systems and applications. Regular security assessments and audits will be conducted under your guidance to identify and mitigate risks effectively. You will also formulate data discovery techniques for structured and unstructured data in collaboration with engineering teams. To be successful in this role, you should hold a Bachelor's degree or an Advanced Degree in Computer Science, Information Technology, Cybersecurity, or possess relevant technical security certifications such as SANS. You must have a minimum of 15 years of extensive experience in IT and cybersecurity roles, demonstrating a proven track record in managing security teams and projects. Possession of security certifications like CISSP, CISM, CISA, CCSP, OSCP, CEH, etc., will be advantageous. You should have an in-depth understanding of cybersecurity principles and best practices, along with experience in compliance frameworks such as ISO 27001, NIST, and GDPR. Strong technical skills in areas like network security, application security, data protection, and security architecture are essential. Proficiency in risk management, supply chain security, and incident response is required. Your leadership and management skills will be crucial in effectively leading security teams and projects. Excellent communication skills are necessary for interacting with stakeholders, customers, and auditors at all levels. Analytical and problem-solving abilities will help you identify and address security challenges efficiently.,

As the Lead Security Engineer, you will play a pivotal role in ensuring the confidentiality, integrity, and availability of sensitive data across our systems. You will lead our data security strategy and execution, driving initiatives to mitigate risks and protect our data from evolving cyber threats. In this role, you will work closely with cross-functional teams, including engineering, compliance, and operations, to implement best practices for data protection and compliance with relevant industry regulations, such as GDPR, CCPA, PCI-DSS, and others. Lead Data Security Strategy: Develop and execute a comprehensive data security strategy aligned with the company's business objectives and regulatory requirements. Design and implement robust data protection frameworks, including encryption, data masking, tokenization, and data loss prevention (DLP) systems. Conduct regular risk assessments to identify data vulnerabilities and recommend and implement appropriate mitigation strategies to safeguard sensitive financial data. Ensure compliance with all applicable data security regulations and standards (GDPR, PCI-DSS, SOC 2, etc.) and manage audits and assessments. Lead efforts for investigating and responding to data security incidents, including data breaches, leaks, or unauthorized access events. Work closely with product, engineering, and IT teams to integrate security best practices into the software development lifecycle (SDLC) and cloud infrastructure. Design secure data architectures that support scalable, high-performance systems while minimizing exposure to data breaches. Lead, mentor, and grow a team of data security engineers, fostering a culture of continuous learning and improvement. Provide security awareness training to internal teams, educating them on the latest data security threats, trends, and best practices. Assess third-party vendors" security posture and collaborate on securing data exchanges with partners and clients. Implement monitoring systems to detect data security threats and provide regular reporting on the organization's data security posture to senior leadership. Qualifications: - Experience: 7+ years of experience in data security, with at least 3 years in a leadership or senior role within a fintech or similar regulated environment. - Technical Expertise: Strong knowledge of data encryption technologies, cloud security (AWS, Azure, GCP), data loss prevention (DLP), identity and access management (IAM), and security protocols (e.g., TLS, VPNs). - Regulatory Knowledge: In-depth understanding of data security regulations and standards (GDPR, CCPA, PCI-DSS, SOC 2, etc.) and experience leading compliance efforts. - Risk Management: Proven experience conducting risk assessments, threat modeling, and implementing mitigation strategies in a highly regulated environment. - Incident Response: Hands-on experience leading data breach investigations and managing data security incidents from identification to resolution. - Leadership Skills: Strong leadership, mentoring, and team-building capabilities, with a proven ability to drive cross-functional collaboration. - Problem-Solving & Analytical Thinking: Excellent analytical and troubleshooting skills with a strong attention to detail. - Certifications: CISSP, CISM, CISA, or other relevant certifications are highly desirable. Preferred Qualifications: - Experience with DevSecOps practices, security automation, and CI/CD pipeline integration. - Familiarity with advanced threat detection technologies like SIEM, EDR, and SOAR platforms.,

You will be providing tier two operational support and leading team efforts in resolving incidents and outages for information security technology and its dependencies on Public and Private Cloud computing environments, shared platforms, and operating systems for more than three of the following technologies: Malware Analysis, SIEM (Splunk), Software-defined (Cloud) Network Security, Endpoint Security Protection, and Data Loss Prevention. Your responsibilities will include ensuring the team's adherence to SOPs, providing training and performance monitoring for team members, and focusing on continuous process improvement for efficiency, including automation wherever applicable. You will also be conducting recurring assessments of all key SOC workflows to identify process deficiencies and improvement opportunities for staff. Additionally, you will be partnering with other technology teams to handle and respond to internal customer issues, conducting problem analysis, providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards. You will execute daily security technology administration functions, perform Root Cause Analysis (RCA) on applicable technology, and validate the quality of dashboards and alerts to suggest updates reflecting new threats and changes in the monitored environment. Furthermore, you will be supporting the Security Operations team in various technology projects and operational initiatives, working as part of a team to ensure that Guardian customers" data, technology platforms, and infrastructure are available and safeguarded from cyber threats. You will follow ITIL practices regarding incident, problem, and change management and stay up to date with emerging cyber threats, industry best practices, and applicable regulatory requirements. Required qualifications for this role include being curious and having a desire to analyze anomalies, a passion for learning and growing in Cybersecurity, a customer-focused demeanor, and a minimum of 3 years of proven experience in building and operating security controls in at least two of the specified domains. You should also have an understanding of security architecture, operating and troubleshooting principles of Microsoft Windows and Linux operating systems, as well as experience in SIEM management, endpoint security, security incident handling, data loss prevention, and threat intelligence. Preferred qualifications include recognized Security Industry and Public Cloud IaaS certifications, familiarity with security industry standards and best practices, and experience with ITIL and incident, problem, change, and risk management. This position can be based in Chennai or Gurgaon.,

About One One's mission is simple - to help customers achieve financial progress. One is creating simple solutions to assist customers in saving, spending, borrowing, and growing their money all in one place. The U.S. consumer today deserves better, as millions of Americans are unable to access credit, build savings or wealth, and are managing their financial lives through multiple disconnected apps. Approximately a quarter of U.S. adults are unbanked or underbanked, and about 80% of fintech users rely on multiple accounts to manage their finances. One is unique as it is backed by a preeminent fintech investor (Ribbit) and the world's largest retailer (Walmart), maintaining the speed and independence of a startup while employing a strong and growing collection of world-class talent. This presents an opportune moment to build a business that aids people in achieving financial progress. Come build with us! The Role As an Application Security Engineer at One, you will be responsible for ensuring that One delivers secure and reliable applications at scale. Your role involves partnering with engineers to integrate security into the product from the ground up, developing engineering tools and workflows to test and validate artifacts, and actively creating security frameworks. You will champion modern Application Security Engineering at One, directly impacting the security of all products. Additionally, you will provide subject-matter expertise to product teams on security best practices, optimize secure coding practices, utilize offensive security techniques to strengthen our environment, and enhance overall security practices. Responsibilities - Ensuring the quality and security of applications and products by guiding their development through the Secure Development Lifecycle (SDLC) process. - Conducting SAST/DAST and penetration testing on core application services, web applications, and mobile applications. - Developing, maintaining, and extending an in-house application security and penetration testing automated testing framework. - Creating secure libraries, hardening existing libraries and frameworks, and eliminating vulnerabilities. - Enforcing SDLC practices through Infrastructure-As-Code (IaC) policies whenever possible. - Collaborating closely with Engineering teams to validate the security posture of new features before production deployment. - Triaging and validating security vulnerabilities, acting as a subject-matter expert in AppSec for the Engineering team. - Refactoring and deploying secure libraries and frameworks across the code repository. - Training engineers, architects, code reviewers, and others on secure coding practices. - Contributing to application threat models and maintaining awareness of vulnerabilities in application technologies. - Working with Security and other engineering teams to maintain a security architecture that provides controls across all platforms to mitigate risk. - Providing expertise on code-level security concerns during product development. Requirements - 5+ years of experience in security engineering, DevSecOps, and application development. - Strong knowledge of CVSS, MITRE ATT&CK, and OWASP Top 10. - Proficiency in TypeScript and practical understanding of AWS core services. - Experience with modern application architecture, deployment practices, and secure software development frameworks. - Familiarity with Library/API/Framework development and integrating security scanning tools with CI/CD. - Expertise in security vulnerabilities, cryptography, and security evaluation tooling. - Exposure to technologies like AWS, iOS, Android, Vault, Kubernetes, React, GraphQL, and Datadog. - Understanding of regulatory compliance concerns (GLBA, CCPA, PCI). - Triple H Factor: Humble, Hungry, and Honest with an act-like-an-owner mentality. What it's like working @ One - Competitive compensation. - Benefits effective from day one. - Early access to a high-growth fintech startup. - Generous stock option packages. - Employer Provident Fund contributions. - Comprehensive health insurance for you and your family, including mental health support. - Flexible time off programs, monthly transport allowance, work-from-home stipend, and a hybrid working model. Leveling Philosophy One follows a flat titling structure to scale the company thoughtfully and avoid inequities. Internal titles reflect specific functional responsibilities and additional descriptors for clarity within the organization. Employees are compensated based on experience and internal level within One. Inclusion & Belonging,

Key Responsibilities: Approx 5 years experience as a Security Architect Bachelor s degree in information technology security or similar Experience in providing security architecture support to a large development organization Information security credentials such as IGP CISSP or similar Well versed in cloud security on a generic level as well as AWS Secondary Skills SAST and DAST Solid diplomatic and communication skills in English The candidate will primary work with security assessments and as part of that also be able to provide guidance on how to close security gaps The candidate will also be part of shift left for assessments to automate and minimize the manyal work involved It is also expected that the candidate will assist in creating an assessment factory with a streamlined process for approaching assessments Preferred Skills: Technology->Enterprise Architecture->Data / Information Architecture

Implement, monitor, and enhance IT security infrastructure; manage SIEM, endpoint protection, vulnerability scanning, and incident response within IT environments. Required Candidate profile Experienced IT security professionals with strong knowledge of enterprise cybersecurity tools, SIEM, firewalls, and security standards like NIST, ISO 27001.

Let's talk about the team At Resmed, the Enterprise Security team safeguards the systems, data, and technologies that enable our mission to improve lives through connected health. We collaborate across engineering, data science, enterprise architecture and business units to embed security in everything we build. Let's talk about the role We are seeking an experienced Application Security Architect to join our growing Secure Architecture team. In this role, you will focus on designing secure solutions for modern application architectures including AI/ML workloads, APIs and cloud-native systems across hybrid environments. You will partner with cross-functional teams to embed security into solution designs, champion secure development practices and align architecture with Resmeds overall security strategy. This role is ideal for someone who thrives on innovation, thinks like an adversary and believes secure design is critical to scalable growth. Let’s talk about responsibilities Lead security architecture efforts for AI, API and cloud-based applications across AWS, Azure and GCP platforms. Define and evaluate security controls to protect models from adversarial attacks, data poisoning and unauthorized inference. Develop secure design patterns, reusable controls and architecture blueprints aligned with Resmed’s security standards. Partner with data scientists and engineering teams to develop secure ML pipelines, including feature engineering, validation, and anomaly detection mechanisms. Design secure-by-design architecture patterns and reusable controls for APIs, microservices, and distributed cloud environments. Guide the implementation of zero-trust architecture principles across systems, including identity, access, networking, application and data flows. Perform threat modeling, risk assessments and architecture reviews on high-impact projects. Establish detection and response capabilities around AI systems and APIs. Engage with stakeholders across the business to ensure security solutions enable agility, innovation, and growth. Let’s talk about you 10+ years in cybersecurity, with strong experience in cloud-native application and data security. Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001), secure software development, and encryption. Experience designing security for distributed systems, APIs, and AI/ML pipelines. Strong knowledge of cloud platforms (AWS, GCP, Azure), API security protocols, and DevSecOps practices. Proven experience in designing and reviewing modern application architectures in agile and data-driven environments. Familiarity with machine learning operations (MLOps), model governance and responsible AI frameworks. Excellent communicator, able to translate complex risks into actionable guidance. Industry certifications like CISSP, CCSP, or cloud security specializations.

Job Description Job title: Information Security Lead u00A0 Your role: The Information Security Professional 60 is responsible for utilizing specialized knowledge to manage and resolve diverse security issues and projects, applies in-depth expertise to tackle complex challenges and enhances organizational protection. The role operates under broad guidelines with minimal supervision, navigates compliance matters and complex situations. The role investigates potential security breaches, coordinates responses, recommends corrective actions, and defines KPIs to evaluate security effectiveness. The role tracks and analyses service levels, monitors security service performance, and resolves incidents in collaboration with vendors and stakeholders. The role assists in security reviews of applications, maintains up-to-date policies and documentation, and builds effective relationships to enhance security outcomes. You're the right fit if: Minimum required Education: Bachelor's / Master's Degree in Computer Science, Information Technology, Cybersecurity or equivalent. Minimum required Experience: Minimum 2 years of experience in areas such as Security Architecture, Network Security, Cybersecurity Technology, Information Security or equivalent with Bachelor's OR no prior experience required with Master's Degree. How we work together We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the companyu2019s facilities. Field roles are most effectively done outside of the companyu2019s main facilities, generally at the customersu2019 or suppliersu2019 locations. This role is an office role. u00A0 About Philips We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others. u2022 Learn more about . u2022 Discover . u2022 Learn more about . If youu2019re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care .

Security Architect -The selected Security Architect would be responsible for a specific project or several projects within an organization, focusing on the security aspects of software applications. They would be responsible for translating client security requirements into application features, ensuring the timely delivery of secure software applications, and protecting against potential threats. They would be responsible for understanding client security needs, designing secure prototypes, developing security protocols, performing security testing, and maintaining technical documentation related to security architecture. Location Bengaluru Educational Qualifications -BE/B Tech/ M.E/M Tech/MS/MCA/MSc Requirements . Work Experience 10+ Years Requirements Skills: Minimum 5 years of experience in IT security Knowledge on HSM architecture including application integration. Sound Knowledge of IT security and processes and best practices (eg.ITIL, ISO 27001). Excellent understanding of cryptographic algorithms with hands-on implementation experience. Good skills in any of the following Language : C,C++,JAVA,GO,RUST Job Profile/Duties a) Security Design and Architecture- Develop and implement enterprise-level security architecture. Design secure network solutions to protect systems and data. Create architectural frameworks that align with compliance and risk management requirements. b) Risk Assessment and Threat Modeling Identify potential threats, vulnerabilities, and risks to the IT infrastructure. Conduct regular risk assessments and develop mitigation plans. Lead threat modeling activities for critical systems and applications. c) Security Policies and Standards Define and enforce security policies, procedures, and best practices. Ensure compliance with regulatory standards (e.g., ISO 27001, NIST, GDPR). d) Collaboration and Advisory Work closely with IT, DevOps, and business teams to integrate security into systems and workflows. Provide technical guidance to security engineers and analysts. e) Security Awareness and Training Promote security awareness and training across the organization. Stay updated with the latest cybersecurity trends, threats, and technologies. f) Monitoring and Reporting Monitor the performance of security systems. Report on security incidents, metrics, and compliance status to senior management.

Dear Aspirant, Greetings from JTSi Technologies! We JTSi Technologies India Pvt Ltd, a US based IT Co in Kochi Infopark is urgently looking an Application Security Engineer for our operations in Kochi. The incumbent must be one with a strong understanding of application security principles and secure coding practices, common vulnerabilities and security testing methodologies. JTSi Technologies India Private Limited is a US based IT Co, with 20+ years into business. Our global offices are in Washington DC & New Jersey USA and our Indian HQ is in Bangalore. Details are as follows: Designation: Application Security Engineer (Consultant) Qualification: BE / B Tech / MCA Experience: Minimum 4 Years - 7 Years. Skillsets: Vulnerability Assessment, API, Code, Web & Cloud Security Remuneration: Salary ranges will be the best in the industry. Shift Time: Consultant / Part Time Freelancer Place of Posting: Infopark, Kochi. Roles and Responsibilities: Vulnerability Assessment - Identifying potential security weaknesses in applications through code reviews, penetration testing, and security assessments Designing and Implementing Security Architecture - Developing and integrating cybersecurity designs for systems and networks, ensuring they align with the organization's overall security strategy Secure Design and Development - Collaborating with developers to implement secure coding practices, secure architecture design, and secure development lifecycles (SDLC). API Security Design and Implementation - Design and implement secure API architectures by incorporating authentication, authorization (OAuth 2.0 JWT, etc.), and encryption mechanisms. Enforce API security best practices including rate limiting, input validation, logging, and auditing. Cloud and Container Security- Determine application security capability requirements and strategy (e. g., open source, Cloud Service Providers (CSP), Software as a Service (SaaS)/Infrastructure as a Service (IaaS)/ Platform as a Service (PaaS) environments) Able to assess cloud-native application architectures with a focus on security Security Testing - Conducting both static and dynamic security testing during and after application development to identify vulnerabilities Identity and Access Management - Implementing and managing systems for controlling access to data and applications, ensuring only authorized individuals can access sensitive information Incident Response - Responding to security incidents, investigating breaches, and implementing remediation steps Security Monitoring - Continuously monitoring applications for suspicious activity and potential security threats Security Tool Implementation - Utilizing and implementing security tools such as web application firewalls (WAFs) and other security technologies Skills and Qualifications: Strong understanding of application security principles, secure coding practices, common vulnerabilities (like XSS, SQL injection), and security testing methodologies Proficiency in one or more programming languages used in application development (e.g., Java, Angular, .Net, JavaScript). Familiarity with security tools like SAST, DAST, and WAFs Ability to analyse complex security issues and develop effective solutions Ability to clearly communicate security risks and recommendations to both technical and non-technical stakeholders Working effectively with developers, system administrators, and other security professionals. If you are interested or if any references kindly send us your recently updated resume to careers@jtsiindia.com and we will revert you with more details at the earliest. Thanks, and Regards, Recruitment Team JTSi Technologies India Private Limited Third Floor, Thapasya Building, Infopark, Kochi, Kerala - 682042. E Mail : careers@jtsiindia.com | Website : www.jtsiindia.com Contacts : 0484 4070368