Security Architect

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Governance Risk and Compliance (GRC) Platforms
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies. Roles & Responsibilities: -Define and operationalize IT & Cyber Governance frameworks aligned to business strategy -Establish and maintain policies, standards, procedures, and control frameworks -Drive governance for cloud, IAM, PKI, data protection, and infrastructure platforms -Chair or support Technology Risk & Governance forums / steering committees -Ensure alignment between IT, Security, Legal, Privacy, and Business teams -Lead technology and cyber risk assessments (inherent & residual risk) -Maintain enterprise technology risk register and mitigation roadmap -Perform third-party / vendor risk assessments for technology providers -Support risk acceptance, remediation tracking, and executive reporting -Integrate risk insights into strategic and operational decision-making -Ensure compliance with relevant standards and regulations such as:ISO 27001 / 27002, SOC 1 / SOC 2, NIST CSF / NIST 800-53, PCI-DSS, SOX, GDPR, HIPAA (as applicable) -Lead internal and external IT & security audits -Manage control testing, evidence collection, and audit remediation -Act as key point of contact for auditors and regulators -design and effectiveness of IT General Controls (ITGCs) and cyber controls -Partner with technical teams on control implementation and automation -Ensure governance over identity, access, encryption, logging, vulnerability management -Track and report control health and compliance metrics -Lead and mentor GRC analysts and managers -Act as trusted advisor to senior leadership -Drive GRC maturity roadmap and continuous improvement initiatives -Coordinate with global teams and service providers Professional & Technical Skills: - Must To Have Skills: Proficiency in Governance Risk and Compliance (GRC) Platforms. - Strong understanding of cloud security principles and best practices. - Experience with risk assessment methodologies and compliance frameworks. - Familiarity with security incident response and management. - Knowledge of regulatory requirements related to data protection and privacy. Additional Information: - The candidate should have minimum 3 years of experience in Governance Risk and Compliance (GRC) Platforms. - This position is based at our Gurugram office. - A 15 years full time education is required.

15 years full time education