Security Architect - CISSP/CISM

Ally-eXecutive HR

Gurgaon/Gurugram

3 - 5 Years

4.3

2+ Reviews

Security Architect PCI-DSS CISSP CISM Security Operations Center IT Compliance IT Risk IT Governance Cloud Security Cyber Security

Posted on: 22/12/2025

Job Description

Key Responsibilities :

- Security Architecture & Design.

- Zero Trust & Identity Security.

- Cloud Security Architecture.

- Cloud Security Architecture.

- Security Operations & Monitoring.

- Compliance, Risk & Governance.

- Data Protection & Encryption.

- Network Security.

- Collaboration & Leadership.

Required Skills :

- Security Frameworks & Standards NIST Cybersecurity Framework, ISO 27001/27002, CIS Controls, OWASP Top 10, SANS Top 25, Zero Trust Architecture (NIST SP 800-207), PCI-DSS, HIPAA, GDPR, and insurance regulatory frameworks.

- Identity & Access Management Azure Active Directory/Entra ID, SSO implementations, SAML/OAuth 2.

0/OpenID Connect, multi-factor authentication (MFA), privileged access management (PAM), RBAC/ABAC models, identity governance, and passwordless authentication.

- Cloud Security Azure Security Center, Microsoft Defender for Cloud, AWS Security Hub, Google Security Command Center, CASB solutions, network security groups, web application firewalls, container security, Kubernetes security, and cloud-native security tools.

- Application Security Secure SDLC practices, threat modeling (STRIDE, PASTA, LINDDUN), SAST tools (SonarQube, Checkmarx, Fortify), DAST tools (OWASP ZAP, Burp Suite), SCA tools (Snyk, WhiteSource), secrets management (Azure Key Vault, HashiCorp Vault), and API security.

- Security Operations SIEM platforms (Microsoft Sentinel, Splunk, IBM QRadar, Elastic Security), SOAR platforms, EDR/XDR solutions, threat intelligence platforms, log analysis, incident response frameworks, and forensic tools.

- Network Security Firewall technologies (next-gen firewalls, Azure Firewall), IDS/IPS systems, network segmentation, VPN technologies, ZTNA solutions, DDoS mitigation, and secure network design.

- Encryption & Data Protection Encryption protocols (TLS/SSL, IPSec), key management systems, certificate authorities, data loss prevention (DLP), data classification, tokenization, and data masking techniques.

Required Experience :

- 8+ years in cybersecurity, security engineering, or security architecture roles.

- 3+ years designing enterprise security architectures.

- Proven experience architecting security solutions on Microsoft Azure with deep understanding of cloud security principles and patterns.

- Track record conducting threat modeling exercises, performing security architecture reviews, and achieving compliance certifications (SOC 2, ISO 27001, PCI-DSS).

- Experience in insurance or financial services environments with understanding of regulatory requirements and sensitive data protection.

- Evidence of implementing Zero Trust architectures, designing identity and access management solutions, and establishing security governance frameworks.

- Experience leading security incident response, conducting vulnerability assessments, and implementing security monitoring solutions.

Required Certifications :

- CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CCSP (Certified Cloud Security Professional), Microsoft Certified: Security Operations Analyst Associate or Azure Security Engineer Associate.

- Valuable additions: CEH (Certified Ethical Hacker), SANS GIAC certifications (GIAC Security Essentials, GCIH, GPEN), OSCP (Offensive Security Certified Professional), CISA (Certified Information Systems Auditor).