Description :

Security Architect

Work Level : Individual Contributor

Industry : Banking (BFSI)

Education : PG / Masters Degree (Mandatory)

Role Summary :

We are seeking a "Decisive" and highly technical Security Architect to design and safeguard the structural integrity of the banks digital and physical infrastructure. In this strategic role, you will be responsible for building high-resilience security architectures across cloud, on-premises, and hybrid environments using frameworks like SABSA.

Your expertise will be critical in implementing Zero Trust models, ensuring API security, and hardening ATM Logical Security controls in line with strict RBI mandates. Acting as a lead security consultant, you will bridge the gap between complex regulatory requirements (SEBI CSCRF, Digital Lending norms) and technical execution. The ideal candidate possesses the communication skills to influence C-suite stakeholders and the technical depth to lead threat modeling exercises for emerging banking technologies.

Responsibilities :

- Advanced Security Architecture Design : Architect and implement secure, scalable frameworks for cloud and hybrid banking environments, ensuring seamless integration of privacy-by-design principles.

- Modern Security Strategy : Integrate Zero Trust Architecture (ZTA) and robust API security protocols into the banks digital transformation roadmap.

- Regulatory Compliance Governance : Ensure all designs adhere to RBI Cybersecurity Frameworks, SEBI CSCRF, IT outsourcing guidelines, and ISO 27001/NIST standards.

- ATM Logical Security Hardening : Define and enforce logical controls on all bank ATM terminals; manage vulnerability assessments and host-level security to prevent logical attacks.

- Risk Assessment & Mitigation : Conduct deep-dive risk assessments for new systems and projects, recommending decisive mitigation strategies to maintain the banks risk appetite.

- Threat Modeling Leadership : Lead cross-functional teams in threat modeling exercises (STRIDE/PASTA) to identify and neutralize architectural vulnerabilities before deployment.

- Technical Advisory : Serve as the subject matter expert (SME) for business units, vendors, and application teams, providing security reviews for high-stakes projects.

- Audit & Regulatory Support : Provide technical documentation and evidence for internal/external audits and respond to inquiries from regulatory bodies (DPSC/RBI).

- ATM Governance : Perform periodic governance reviews of ATM logical controls to ensure 100% alignment with the bank's evolving security standards.

Technical Requirements :

- Framework Proficiency : Extensive experience with SABSA (Sherwood Applied Business Security Architecture) and the NIST Cybersecurity Framework.

- Banking Sector Security : 7+ years of experience in BFSI security architecture, with a deep understanding of ATM Security (XFS, logical controls, and physical-to-digital attack vectors).

- Cloud & Hybrid Expertise : Hands-on experience securing AWS/Azure/GCP environments within a regulated financial context.

- Regulatory Knowledge : Expert-level understanding of RBI Master Directions on Cybersecurity and digital lending security norms.

- Vulnerability Management : Proficiency in interpreting VAPT results and translating them into architectural remediation plans.

Core Competencies :

- Decisive Leadership : Ability to make critical security decisions under pressure and stand firm on compliance requirements during project lifecycles.

- Strategic Communication : Capability to translate complex architectural risks into business impact for non-technical leadership and external vendors.

- Problem Solving : A "first-principles" approach to securing legacy banking systems alongside modern microservices.

- Collaborative Influencing : Proven track record of working with IT and AppDev teams to integrate security into the CI/CD pipeline without disrupting business velocity.

- Analytical Rigor : Exceptional attention to detail in reviewing system designs and identifying "single points of failure" in the security stack.