1110 Cybersecurity Engineers jobs in Bengaluru

Job Profile:

Job Title: Cyber Security Architect

Corporate Title: AVP/VP

Experience: 10-15 years

Location: Bangalore

No. of Positions: 1

Role Description:

The Security Architect is a senior manager aligned CISO’s Organisation. Security Architect is responsible to enforce Information Security compliance within their area of responsibility in line with the CISO’s mandate and strategy as well as the Company’s risk appetite. Furthermore, Security Architect are the experts and point of escalation for all IT security related aspects of the IT assets in their area of responsibility. He/She will provide guidance on how to implement technical control aspects and achieve compliance to the related Information Security controls and ensure appropriate handling of any relevant exceptions. In close cooperation with the respective Business Functions they support the business divisions as well as the CIO to comply with Security Controls.

Job Responsibilities:

• Design, build and implement enterprise-class security systems for a production environment.
• Align standards, frameworks and security with overall business and technology strategy.
• Identify and communicate current and emerging security threats.
• Design security architecture elements to mitigate threats as they emerge.
• Create solutions that balance business requirements with information and cyber security requirements.
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
• Use current programming language and technologies to writes code, complete programming and performs testing and debugging of applications.
• Train users in implementation or conversion of systems
• Derive the IT Security strategy from the overall Chief Information Security Office (CISO) strategy and requirements and translates this into an operational plan for delivery for their area of responsibility.
• Act as point of escalation for IT Security issues and exceptions.
• In relation to the IT Assets, processes within their scope of responsibility they:
• Drive integration of Chief Information Security Office Initiatives, programs and central solutions and ensure alignment with the departmental portfolios.
• Ensure effective and efficient communication, coordination and implementation of CISO IT Security requirements and decisions.
• Responsible for the adoption of centrally mandated Security Solutions and the maintenance of technical security documentation and compliance to security controls.
• Are the recognized expert in Information Security Policies and procedures and their implementation in relation to technologies.
• Proactively manages IT audits and plan (in co-operation with Director IT) preparation and remediation.
• Ensure appropriate senior management awareness/oversight of follow-up on action items to resolve identified issues, e.G. information security reviews of vendors, audit issue resolution.
• Spearhead independent reviews of IT Security Controls, prioritize identified issues and assesses remediation actions for quality, considering the optimal cost-risk ratio as well the strategically optimal resolution (e.G. Information Security control evaluation and respective follow up activities).
• Verify remediation concepts for critical and systemic issues and monitors their execution according to plan and with quality.
• Partner with key stakeholders (Departmental Info Sec leads and IT team etc.) to act as mediator and subject matter expert for them on Information Technology Security topics. Ensure a common understanding of Information Technology Security risks and their implications for the Group and for their scope of responsibility.

Job Requirements:

• Knowledge of Security architecture, demonstrating solutions delivery, principles, and emerging technologies.
• Designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions, working with an information security team.
• Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
• Hands on Servers: Windows. Linux and Unix environment, Container Technology
• Hands on Cloud: AWS, Azure, Container Technology, Automation with Ansible or similar
• Security considerations of cloud computing: They include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
• Identity and access management (IAM) – the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources.
• Hands on in 2 or more Cyber Technologies viz. Encryption, Endpoint Security, Application Security, PKI, Firewalls, Virtualization, SIEM/SOAR tools, Vulnerability Scanning, Systems Hardening, Threat and Intel etc.
• Exceptional communication skills with diverse audiences - Strong critical thinking and analytical skills
• Strong leadership, project and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments.
• Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects.
• The ability to be the enterprise security subject matter expert who can explain technical topics to those without a technical background.

Education / Certification:

• B.Tech./ MCA/ in Computer Science, Computer Engineering, or a comparable education and experience
• In addition, the following education/certification attainment will be beneficial:
• CISSP (Certified Information Systems Security Professional) or equivalent.
• CISM (Certified Information Security Manager) or equivalent.
• Certified/ Trained CISM, ISO27001 Lead etc.
• Comprehensive knowledge on FFIEC, GDPR, MAS, SOC1/2

Position
Information Security Architect I

Job Description
We are seeking a highly experienced SOC Architect, Lead Analyst, to join our global Cyber Operations team. This role involves leading and enhancing our security operations capabilities across various environments, including cloud and on-premises systems. The ideal candidate will have a deep background in SOC operations, incident response, and advanced threat management, with a focus on automation and integration of cutting-edge security technologies.

What You Will Be Doing
Leading SOC Operations:

• Implement, and optimize SOC architectures and processes to effectively detect and respond to cyber threats.
• Develop and manage advanced security monitoring and SOC response frameworks, leveraging tools such as Microsoft Sentinel and other cloud-native SOC platforms.

Case Management And Response

• Lead and manage critical security events, including complex investigations and forensic analysis.
• Develop and refine SOC playbooks and procedures to ensure efficient and effective resolution or escalation of security events.

Automation And Integration

• Implement and manage Security Orchestration, Automation, and Response (SOAR) solutions to streamline SOC operations.
• Create and optimize automation rules and workflows to enhance incident detection and response capabilities.
• Integrate SOC tools and platforms to ensure seamless data flow and operational efficiency.

Threat Intelligence And Hunting

• Analyze threat intelligence data to identify emerging threats and vulnerabilities and integrate this intelligence into SOC operations.
• Conduct advanced threat hunting activities and develop strategies to proactively identify and mitigate potential threats.

Team Leadership And Development

• Mentor and guide SOC team members, including SOC Level 1 Analysts, providing leadership on complex incidents and security challenges.
• Collaborate with other teams and departments to ensure cohesive and coordinated security efforts across the organization.

Continuous Improvement

• Stay current with the latest cybersecurity trends, threats, and technologies to continuously enhance SOC operations.
• Contribute to the development of new use cases, dashboards, and reporting templates to improve SOC performance and visibility.

Key Accountabilities

• Shift Lead for SOC in maintaining security operations across private, hybrid, and public cloud environments.
• Ensure timely and effective resolution of security events and escalate complex issues as necessary.
• Ensure SOC capabilities with training and skill development that aligns with continuous improvement to handle complex and evolving cyber threats.
• Develop custom parsers and enrichments for improved alert handling.
• Collaborate with vendors and internal teams to resolve security issues and enhance SOC capabilities.
• Maintain compliance with legal, regulatory, and industry standards.

Experience
What we are looking for :

• 7-15 years of experience in SOC roles, with a strong focus on SOC event management, threat management, and SOC architecture.
• Proven track record of managing large-scale SOC operations in global environments. Must be a self-starter and motivated to bring more to this role and team than what is directed.

Technical Skills

• In depth experience with cloud-native security tools, including Microsoft Sentinel, Microsoft 365 Defender, and Microsoft Defender for Cloud.
• In depth experience with endpoint detection and response (EDR) including Microsoft Defender for Endpoint.
• In depth experience with identity concepts, including multifactor authentication, authentication protocols, user behaviors.
• In-depth understanding of cloud and endpoint, including malware forensics, browser forensics, cloud forensics, mobile device forensics.
• Experience with network security tools, including Palo Alto and web application firewalls (WAFs) like Akamai, Cloudflare and Azure WAF.
• Advanced knowledge of scripting and automation using languages.
• Experience with SOAR platforms and security automation.

Certifications

• Relevant certifications such as CISSP, CISM, CCSP, GCIH, or GIAC Security Operations Certified (GSOC) are highly desirable.
• Additional certifications in cloud security or incident response are a plus.

Soft Skills

• Strong analytical and problem-solving skills with the ability to handle complex security events.
• Excellent communication skills to articulate security concepts to both technical and non-technical stakeholders.
• Highly organized, detail-oriented, and capable of working under pressure in a dynamic environment.

Shift Coverage:
Rotational 24x7 shifts.

Arrow Electronics, Inc. (NYSE: ARW),
an award-winning Fortune 133 and one of Fortune Magazine's Most Admired Companies. Arrow guides innovation forward for over 220,000 leading technology manufacturers and service providers. With 2024 sales of USD $27.9 billion, Arrow develops technology solutions that improve business and daily life. Our broad portfolio that spans the entire technology landscape helps customers create, make and manage forward-thinking products that make the benefits of technology accessible to as many people as possible. Learn more at

Our strategic direction of guiding innovation forward is expressed as Five Years Out, a way of thinking about the tangible future to bridge the gap between what's possible and the practical technologies to make it happen. Learn more at

Location:
IN-KA-Bangalore, India (SKAV Seethalakshmi) GESC

Time Type
Full time

Job Category
Information Technology

• Design and architect secure enterprise-level IT infrastructure, encompassing networks, systems, applications, and cloud environments.
• Develop and implement comprehensive security policies, standards, and procedures.
• Evaluate, select, and deploy security technologies such as firewalls, intrusion detection/prevention systems, SIEM, EDR, and DLP solutions.
• Conduct regular risk assessments, vulnerability analyses, and penetration testing to identify and mitigate security weaknesses.
• Develop and manage incident response plans and procedures, acting as a key responder during security incidents.
• Collaborate with IT operations, development, and business teams to embed security best practices into the software development lifecycle (SDLC) and system designs.
• Provide security awareness training and guidance to employees across the organization.
• Stay current with emerging security threats, vulnerabilities, and mitigation techniques.
• Ensure compliance with relevant industry regulations and standards (e.g., ISO 27001, GDPR, NIST).
• Lead security architecture reviews for new projects and initiatives.
• Mentor junior security team members and contribute to the overall security strategy.

• Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree or equivalent experience is preferred.
• Minimum of 8 years of experience in information security, with at least 4 years in a security architecture or engineering role.
• Proven experience designing and implementing complex security solutions in large enterprises.
• In-depth knowledge of network security, cryptography, identity and access management (IAM), cloud security, and application security.
• Familiarity with common security frameworks and standards (e.g., NIST CSF, CIS Controls).
• Experience with cloud security platforms (AWS, Azure, GCP) and container security.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication and interpersonal skills, with the ability to articulate technical security concepts to diverse audiences.
• Relevant security certifications such as CISSP, CISM, CCSP, or GIAC are highly desirable.
• Ability to work effectively in a hybrid work model.

• Design and develop comprehensive security architectures for cloud, on-premises, and hybrid environments.
• Evaluate and select security technologies and solutions to meet organizational security requirements.
• Develop and enforce security standards, policies, and procedures across the organization.
• Conduct security risk assessments and recommend appropriate controls to mitigate identified risks.
• Collaborate with IT infrastructure, development, and operations teams to integrate security into the entire system lifecycle.
• Provide expert guidance on secure coding practices, network security, data protection, and access management.
• Lead the design and implementation of security solutions for new projects and initiatives.
• Stay abreast of the latest cybersecurity threats, vulnerabilities, and industry best practices.
• Mentor and guide junior security engineers and analysts.
• Participate in incident response activities, providing architectural expertise when necessary.
• Develop and maintain security architecture documentation, including diagrams and specifications.

• Master's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Minimum of 8 years of progressive experience in information security, with at least 5 years in security architecture or design.
• Proven experience designing and implementing security solutions for cloud platforms (AWS, Azure, GCP).
• In-depth knowledge of network security, endpoint security, identity and access management (IAM), and data loss prevention (DLP).
• Experience with security frameworks such as NIST, ISO 27001, and SOC 2.
• Strong understanding of threat modeling and risk assessment methodologies.
• Excellent analytical, problem-solving, and strategic thinking skills.
• Exceptional communication, presentation, and interpersonal skills.
• Ability to work effectively in a hybrid team environment, collaborating with both remote and on-site colleagues.
• Relevant certifications such as CISSP, CCSP, or CISM are highly desirable.
• Experience with security automation and orchestration tools is a plus.

• Design, implement, and manage enterprise-wide information security architecture.
• Develop and maintain security policies, standards, and procedures.
• Conduct regular security risk assessments and vulnerability analyses.
• Evaluate and recommend new security technologies and solutions.
• Lead incident response activities and forensic investigations.
• Collaborate with development and operations teams to ensure secure coding practices and infrastructure.
• Oversee identity and access management (IAM) systems and strategies.
• Ensure compliance with industry regulations and data privacy laws.
• Provide security awareness training to employees.
• Stay current with emerging threats and security trends.

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
• Minimum of 8 years of experience in information security, with a focus on security architecture.
• Proven experience with security frameworks such as NIST, ISO 27001, or CIS.
• Hands-on experience with cloud security (AWS, Azure, GCP) and network security technologies (firewalls, IDS/IPS).
• Strong knowledge of application security, cryptography, and secure development lifecycle (SDLC).
• Excellent analytical, problem-solving, and decision-making skills.
• Effective communication and interpersonal skills for stakeholder engagement.
• Relevant security certifications (e.g., CISSP, CISM, CCIE Security) are highly desirable.
• Experience in a hybrid work environment.

• Design, develop, and maintain the enterprise information security architecture, frameworks, and standards.
• Evaluate and recommend security technologies and solutions to protect the organization's assets.
• Collaborate with IT teams, business units, and stakeholders to ensure security requirements are met across all projects.
• Conduct security risk assessments and develop mitigation strategies.
• Define security policies, procedures, and guidelines.
• Provide technical leadership and guidance on security best practices.
• Oversee the implementation of security controls, including identity and access management, data loss prevention, and network security.
• Develop and maintain security architecture documentation.
• Stay abreast of emerging security threats, technologies, and regulatory requirements.
• Mentor and guide junior security architects and engineers.

• Master's degree in Computer Science, Information Security, or a related field.
• Minimum of 10 years of experience in information security, with at least 5 years in a security architecture role.
• Proven experience in designing and implementing complex security architectures for large enterprises.
• In-depth knowledge of various security domains, including network security, application security, cloud security, and data security.
• Familiarity with security frameworks such as NIST, ISO 27001, and SOC 2.
• Experience with cloud platforms (AWS, Azure, GCP) and their security implications.
• Strong understanding of risk management principles and methodologies.
• Excellent analytical, problem-solving, and strategic thinking skills.
• Exceptional leadership, communication, and interpersonal abilities.
• Relevant certifications such as CISSP, CISM, or SABSA are highly desirable.