Security Architect

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Data Encryption
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary: We are seeking a dedicated and detail-oriented Senior Analyst to join our Identity and Access Management (IAM) team, supporting a major US-based client. The role focuses on Public Key Infrastructure (PKI) operations with additional responsibilities around Enterprise Key Management System (EKMS) and Identity governance tools. This is a hands-on operational role requiring support in a 24x7 environment, following a rotational shift model with at least 5 years of hands-on experience. Roles & Responsibilities: -Perform day-to-day operations of PKI services including certificate issuance, renewal, revocation, and monitoring. -Maintain and troubleshoot Certificate Authorities (CAs), Online Responders (OCSP), and Certificate Enrollment Web Services (CEP/CES). -Support integration and certificate management for enterprise applications, servers, network devices, and security appliances. -Execute and monitor certificate lifecycle management tasks and ensure compliance with security standards. -Troubleshoot SSL/TLS-related issues and assist with application-level binding of certificates (e.g., IIS, LDAPS, etc.). -Maintain service availability, perform routine health checks, and participate in DR/Resiliency testing. -Work closely with the IAM team on access control and authentication mechanisms where certificate-based auth is integrated. -Provide operational support for EKMS (Enterprise Key Management System) as an added advantage. -Follow ITIL processes for incident, change, and problem management. -Prepare and maintain SOPs, documentation, and runbooks for PKI and associated tools. Professional & Technical Skills: - Strong hands-on experience with Microsoft PKI, including Root and Subordinate CAs with minimum 5 years experience. - Experience in certificate lifecycle management for diverse enterprise environments. - Familiarity with Active Directory Certificate Services (ADCS). - Working knowledge of Online Responders, CEP/CES,NDES and Auto-Enrollment policies. - Knowledge on DigiCert certificates and management. - Good understanding of SSL/TLS protocols and digital certificates. - Basic scripting skills (PowerShell preferred) for automation of routine tasks. - IAM concepts and experience with directory services (Active Directory, Entra ID/Azure AD) is an added advantage. - Exposure to EKMS solutions (e.g., Thales, Venafi, or other HSM-integrated key management platforms) is a plus. - Ability to work in 24x7 rotational shifts and support global clients. - Strong communication and documentation skills. - Microsoft certifications related to security or infrastructure. - CompTIA Security+, Certified PKI Professional (CPKI), or similar. - Azure Security, SC-300 or SC-900 (optional, for IAM). Additional Information: - The candidate should have minimum 3 years of experience in Data Encryption. - This position is based at our Bengaluru office. - A 15 years full time education is required.

15 years full time education