Description :

Cloud Security Architect (DevSecOps Lead)

Location : Mumbai, India

Experience : 8+ Years

Domain : Cybersecurity / Cloud Architecture

About the Role :

The Cloud Security Architect will be a key driver in establishing a robust security posture across our entire technology landscape.

This role requires a strategic thinker who can design and govern secure architectures, embed security into our CI/CD pipelines, and ensure compliance in a hybrid/multi-cloud environment.

Key Responsibilities :

- Define and govern secure architectural patterns for all new and existing cloud services (AWS/Azure), focusing on zero-trust principles.

- Lead the adoption of DevSecOps practices, integrating security tools (SAST/DAST, vulnerability scanners) into the CI/CD pipeline and automated deployment processes.

- Design and review IAM (Identity and Access Management) policies and procedures to enforce the principle of least privilege.

- Perform technical threat modeling and risk assessments for applications and infrastructure.

- Establish Cloud Security Posture Management (CSPM) best practices and ensure continuous compliance with standards like SOC 2 and GDPR.

- Define and implement advanced security controls such as WAF, DDoS mitigation, and encryption protocols.

Technical Skills Required :

- Deep expertise in security services and governance on at least two major cloud platforms (AWS, Azure, or GCP).

- Expert knowledge of network security, application security (OWASP Top 10), and data protection principles.

- Experience with IaC security scanning (e.g., Checkov, Terrascan).

- Strong understanding of container and Kubernetes security best practices.

- Relevant certifications (e.g., CCSP, AWS Certified Security - Specialty)