Business Function

Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.

Job Summary:

We are seeking a highly skilled and experienced Security Architect to design, build, and maintain the bank's and vendors' security architecture. This role will be responsible for evaluating and improving the Bank/Vendor security posture, ensuring that systems, data, applications, and networks are secure and compliant with industry standards, regulations, and best practices, and maintaining ATM logical security.

Key Responsibilities:

Security Architecture Design:
* Design and implement robust security architectures for cloud, on-premises, and hybrid environments.
* Develop and enforce security policies, standards, and procedures across systems and applications.
* Define security requirements and work with relevant teams to ensure secure system design and integration.

Risk Management & Compliance:
* Conduct risk assessments and recommend mitigation strategies.
* Ensure compliance with relevant regulatory frameworks (e.g., ISO 27001, NIST, PCI-DSS).
* Support audits, security-related inquiries, and regulatory compliance (e.g., DPSC, RBI Cybersecurity Framework, SEBI CSCRF, IT outsourcing guidelines, digital lending norms).

ATM Logical Security:
* Ensure logical controls on all bank ATM terminals are in line with the bank's standard.
* Perform periodic ATM security assessments covering vulnerability management, host-level security, etc.
* Perform periodic governance of the ATM logical security controls.

Collaboration & Guidance:
* Serve as a security advisor to business units, IT, business partners, vendors and application teams.
* Lead threat modeling exercises and provide security reviews for new systems, projects or services.

Regulatory Reporting:
* Ensure timely and accurate submission of periodic and ad-hoc returns, statements, and reports for regulatory submissions such as Quarterly Cyber KRI, Tranche I, Tranche II, Tranche III, etc.
* Maintain records of all regulatory submissions, approvals, and correspondence with RBI.

Training & Awareness:
* Conduct training sessions and awareness programs on RBI regulations and compliance best practices.
* Promote a culture of regulatory compliance and ethical conduct across the organization.

Monitoring & Response:
* Collaborate with Security Operations to develop and improve monitoring and incident response capabilities.
* Assist in the investigation of security breaches and help with root cause analysis.

Security Tools & Technologies:
* Manage security solutions such as SIEM, EDR, WAF, IAM, etc.
* Stay up-to-date on the latest cybersecurity trends, technologies, and threat landscapes.

Requirements
* Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field (Master's preferred).
* 10+ years of progressive experience in cybersecurity roles, including at least 5 years in a security architecture or engineering position.
* Certifications (preferred but not required): CISSP, CISM, CISA, AWS/Azure/GCP Certified Security – Specialty, or similar.

Skills & Competencies:
* Deep understanding of security principles, architectures, and technologies.
* Strong knowledge of cloud platforms (e.g., AWS, Azure, GCP) and cloud security frameworks.
* Familiarity with microservices security and container security (e.g., Docker, Kubernetes).
* Strong analytical and problem-solving skills.
* Excellent communication skills and ability to work cross-functionally.
* Proven ability to conduct security assessments and interpret security reports.
* Strong analytical, problem-solving, and communication skills to effectively engage with internal and external stakeholders.