698 Security Architect jobs in India

About Synechron:

Synechron, one of the fastest-growing digital, business consulting & technology services providers, is a $950 million firm based in New York.

Since inception in 2001, Synechron has been on a steep growth trajectory.

With 15,000+ professionals operating in 22 countries across the world, it has presence across USA, Canada, UK, France, The Netherlands, Switzerland, Luxembourg, Serbia, Germany, Italy, UAE, Singapore, Hong Kong, Japan, Australia and Development Centers in India.

We are hiring for Security Architect.

Location - Bengaluru

Experience - 10 to 15 years

Domain - Banking

Requirements:

• At least 3-5 years of technology experience & working knowledge of Banking Mobile Apps, their unique security features & API integration
• 3-5 years’ experience in securing IOS & Android Mobile Apps and its associated ecosystem. Must understand the nitty-gritties of IOS & Android native controls (both Ingress & Egress) as well as Third Party components that have the potential to make the mobile app more secure.
• Extensive knowledge and experience with designing and proposing solutions that combat Digital Fraud that typically takes place via Banking Mobile Apps
• Deep knowledge and/or Experience with Threat Modeling of Banking Mobile Apps & it’s integrated ecosystem.
• Deep knowledge and/or experience with prescribing balanced Security Requirements for Banking Mobile Apps & it’s integrated ecosystem.
• Deep understanding of global and regional regulatory requirements related to banking and financial services (e.g., PCI-DSS).
• Knowledge of API Security Standards implementation for secure interoperability between different banking systems
• Deep knowledge and experience with designing & proposing People, Process & Technology controls to ensure secure build, deployment and distribution (to App Stores) of Banking Mobile Apps
• Ability to assess and integrate third-party technology solutions into Banking Mobile Apps from a security perspective.
• Understanding of Retail Banking Mobile App offerings, products, and processes
• Familiarity with emerging banking technologies and trends (e.g., blockchain, digital currencies, e-checks, ML)
• Knowledge & experience integrating industry best practice Fraud Management solutions for Banking Mobile Apps

Technical Skills:

• Deep understanding of conducting Data Classification & Asset Valuation activities
• Knowledge of conducting Threat Modeling using frameworks of choice
• Deep understanding of Application Security (OWASP Top 10 or similar), API Security & Mobile Security (Mobile OWASP Top 10)
• Deep understanding of Infrastructure Security including but not limited to Containers, Virtual Machines, Operating Systems, Databases, and Interfaces such as payment switches, APIs, event-streaming systems, file transfer systems.
• Experience with end-end to security requirements and solutioning via collaboration with peer architects, tech leads and associated stakeholders.
• Experience in Development of standards, patterns, and best practices for reuse. Promotion of design adherence to bank policies, standards, architectural principles, and guidelines
• Must be able to tailor language and communication based on the audience

Behavioral skills:

• Excellent analytical & critical thinking skills.
• Excellent stakeholder, time management & expectation management skills
• Autonomous decision-making ability with minimal guidance
• High learning potential
• Ability to coach & mentor associate/junior architects

We are looking for Senior security architect with 8 + years of experience for Chennai Location.

Skills:

Cloud: AWS, Azure, OCI, OpenShift

Containers: Docker, Kubernetes

Security: IAM, OAuth2, OWASP, NIST, CrowdStrike

Dev: APIs, Microservices, Python, Java

DevOps: secure CI/CD, Terraform, Helm

Monitoring: ELK, Prometheus, Sentinel

Architecture: Enterprise Architect

Integration: Kafka, REST, Event Hubs

Job Description:

1. Strong all-round knowledge of software engineering, architecture & cyber security
2. 5+ years of experience working with cloud native technologies such as containers, service mesh, Kubernetes/OpenShift and virtualization
3. 3+ years of work experience in Cyber/Information Security.
4. Experience with building end-end design patterns & solutions by ensuring a balance of user experience, performance, resiliency, reliability & security
5. Experience integrating an application with surrounding eco-systems & technologies including but not limited to mobile apps, micro-services, containers/ cloud-native technologies, event-streams, APIs, message-brokers and the like
6. Deep understanding of architectural patterns like micro-services, APIs & app development (mobile and application)
7. Deep understanding of security concepts like Authentication, Authorization, Encryption, Logging/Monitoring, Application Security (OWASP Top10), Infrastructure Security, Cloud Security & Regulations
8. Good experience of enterprise architecture tools (Enterprise Architect), data modeling tools.
9. Experience working with cloud platforms such as OpenShift, Azure, AWS & OCI

Interested candidates please share resume to

About Darwinbox:
Darwinbox is Asia's fastest-growing HR technology platform, designing the future of work by building the world's best HR tech, driven by a fierce focus on employee experience and customer success, and continuous, iterative innovation. We are the preferred choice of 1000+ global enterprises to manage their 4 million+ employees across 130+ countries.

Darwinbox's new-age HCM suite competes with local as well as global players in the enterprise technology space (such as SAP, Oracle, and Workday). The firm has acquired notable customers ranging from large conglomerates to unicorn start-ups: Nivea, Starbucks, DLF, JSW, Adani Group, Crisil, CRED, Vedanta, Mahindra, Glenmark, Gokongwei Group, Mitra Adiperkasa, EFS Facilities Management, VNG Corporation, and many more.

Our vision of building a world-class product company from Asia is backed by marquee global investors like Microsoft, Salesforce, Sequoia Capital, TCV, KKR, and Partners Group.

Why Join Us?

The rate at which our product and market presence are growing is unprecedented. We're a Rocketship. We're not planning on slowing down anytime soon. And, that's why we need you You'll experience a culture of:

• Disproportionate Rewards for top performance
• Accelerated Growth in a hyper-growth environment
• Wellbeing First culture focused on employee care
• Continuous Learning and professional development
• Meaningful Relationships and a Collaborative Environment

Role Overview:
We are seeking a highly skilled and experienced Security Architect with a strong background in offensive security. The ideal candidate will be responsible for building and leading a red team, ensuring the security of our SaaS platform, IT infrastructure, and cloud environments. This role requires a proactive approach to identifying and mitigating security risks, along with a deep understanding of the latest security threats and technologies.

Responsibilities:
Offensive Security:

• Conduct advanced penetration testing and vulnerability assessments on our systems.
• Develop and execute red team exercises to identify and address security weaknesses.
• Simulate real-world attacks to test and improve the resilience of our security measures.

Red Team Development:

• Build, lead, and mentor a team of security professionals focused on offensive security.
• Develop and implement red team strategies, methodologies, and tools.
• Collaborate with other teams to integrate red team findings into the overall security posture.

SaaS Security:

• Design and implement security measures to protect our SaaS platform.
• Ensure compliance with industry standards and regulations.
• Perform continuous monitoring and improvement of security controls.

IT and Cloud Security:

• Oversee the security of IT infrastructure, including networks, servers, and endpoints.
• Implement and manage security measures for cloud environments (AWS, Azure, GCP).
• Ensure secure configuration and management of cloud services.

Tool Development and Integration:

• Develop and maintain security tools to automate threat detection, response, and remediation.
• Integrate security tools and systems for comprehensive monitoring and protection.
• Prepare our systems for global scale and protect against evolving cyber threats and zero-day attacks. SOC Management:
• Support and manage a 24/7 Security Operations Center (SOC) monitoring team.
• Ensure continuous monitoring of security events and incidents.
• Develop and maintain incident response protocols and procedures.

Collaboration and Communication:

• Work closely with development, operations, and IT teams to ensure security is integrated into all aspects of our technology stack.
• Communicate security risks and recommendations to stakeholders at all levels.
• Develop and deliver security training and awareness programs for employees.

Requirements:

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
• At least 5 years of experience in offensive security, penetration testing, or a similar role.
• Proven experience in building and leading red teams.
• Strong knowledge of SaaS security, IT infrastructure security, and cloud security.
• Familiarity with security frameworks and standards (e.g., NIST, ISO 27001, OWASP).
• Hands-on experience with AI security and understanding of AI/ML security threats.
• Proficiency in coding and scripting languages (e.g., Python, Java, C++) for developing security tools and automation.
• Experience in managing a 24/7 SOC monitoring team.
• Excellent problem-solving skills and the ability to think like an attacker.
• Strong communication and leadership skills.
• Relevant certifications such as OSCP, OSCE, CEH, CISSP, or similar are preferred.

We're looking for a strategic thinker and hands-on leader to drive the security vision for our Security DataFabric and Exposure Management products. In this key role, you'll be at the forefront of designing, building, and owning the security architecture that powers our next-generation platforms across multiple cloud environments. You'll work side by side with Engineering, Product, and DevOps teams to weave security into every stage of the software development lifecycle (SDLC) — from idea to deployment and beyond.

You'll play a critical role in ensuring our infrastructure not only meets, but exceeds, industry standards and regulatory requirements, all while enabling innovation at speed.

Key accountabilities

Security Architecture Design & Strategy :

• Lead the design and implementation of secure, scalable security architectures for our products and infrastructure, on AWS and Azure.

• Develop and maintain cloud security blueprints, reference architectures and security patterns.

• Collaborate with engineering, product and DevOps teams to create secure-by-design solutions for existing and new products.

• Define and promote security best practices for our product and cloud deployments, including secure configuration, network segmentation, identity and access management (IAM), data protection and logging/monitoring.

• Evaluate and suggest new security technologies and solutions to improve our cloud security posture.

• Identify gaps and find ways to address them.

Security Integration & SDLC:

• Collaborate closely with product management, engineering and DevOps teams to integrate security into every phase of the SDLC (Secure-by-Design and Shift-Left principles).

• Perform threat modelling and security architecture reviews for critical systems.

• Define and enforce security requirements and best practices throughout the software development lifecycle (SDLC).

• Lead secure design reviews and collaborate on application risk assessments.

• Drive the implementation of DevSecOps practices, including automated security testing, secrets management and infrastructure as code (IaC) security scanning.

• Act as a subject matter expert for security-related queries from development and operations teams.

Risk Management & Compliance:

• Identify, assess and prioritize security risks related to cloud deployments and product features.

• Develop and implement strategies and controls to reduce risks.

• Ensure compliance with relevant industry standards and regulations (ISO27001:2022, SOC2, CSTAR, and GDPR).

• Maintain and enhance the organization's compliance frameworks and security posture in accordance with standards like ISO27001:2022, SOC2, and CSTAR.

• Participate in security audits and provide evidence of controls.

• Engage with customers to communicate our alignment with best practices and identify gaps.

• Collaborate with client delivery teams on security assessments and compliance requirements.

Incident Response:

• Support the development and refinement of incident response plans tailored for cloud environments.

• Own security incidents and collaborate with IT and DevOps teams to respond and close such incidents.

• Contribute to product security policies, standards, and incident response procedures.

Security Awareness & Training:

• Champion security awareness across the organization, providing training and guidance to engineering and product teams on security best practices.

• Serve as a security SME for internal teams and external stakeholders.

• Mentor junior security professionals and contribute to the growth of our security team.

• Mentor engineers on secure coding and architecture principles.

Vendor Management

• Identify vendors to drive Pen Test/Security Audits.

Work with management to secure the necessary budget.

Skills and Experience

• Significant xperience in cybersecurity, with at least 3 years in product or application security architecture.

• Strong understanding of modern application architectures (e.g., con tainerization).

• Deep knowledge of OWASP Top 10, secure coding practices, threat modelling (STRIDE, PASTA, etc.).
• Good understanding of securing UI/API/data on cloud platforms (AWS / Azure)
• Preferred qualifications include:
• Relevant certifications such as CISSP, CCSP, CCSK, AWS Certified Security and Azure security engineer certifications.
• Exposure to privacy, compliance (e.g., GDPR, SOC2), and secure data architecture
• Good knowledge of ISO27001:2022, SOC2 and CSTAR
• Understandin of offensive security.

Education

• Bachelor's/ Master's Degree in Computer Science Engineering

• Certifications such as CISSP, GSEC, CEH or CISM desired

Microsoft Security Architect -JD

Location: Bangalore

Department: Security Practice

Reporting To: Head of Security Practice

Job Summary

We are seeking a Microsoft Security Architect to lead the design and governance of enterprise security solutions based on Microsofts security technologies. The role will involve defining architecture standards, solution blueprints, and working closely with both pre-sales and delivery teams to ensure secure and scalable implementations of Microsoft Sentinel, Defender, Entra, Intune, Purview, and Priva. The ideal candidate will have a strong technical background, excellent customer engagement experience, and a strategic mindset to drive cybersecurity transformations.

Key Responsibilities

• Design and own end-to-end Microsoft security architecture for enterprise and MSSP environments.
• Provide technical leadership and architecture governance across security projects and managed services.
• Develop scalable architecture patterns and blueprints using Microsoft Defender suite, Entra, Sentinel, and Intune.
• Define and review HLDs, LLDs, and security solution artifacts.
• Guide implementation teams and ensure solution delivery adheres to architecture standards.
• Support pre-sales teams with architecture design, SOWs, and technical proposal inputs.
• Assess client environments, identify gaps, and propose architecture roadmaps.
• Align security solutions to compliance frameworks such as NIST, ISO 27001, RBI, GDPR.
• Participate in client architecture boards, technical governance, and project planning sessions.
• Continuously update reference architectures to incorporate evolving threat landscape and Microsoft updates.

Required Skills and Experience

• 10+ years of experience in cybersecurity, with 4+ years in architecture or principal consultant roles.
• Strong hands-on experience designing with Microsoft Sentinel, Microsoft Defender, Microsoft Entra, and Intune.
• In-depth understanding of Zero Trust architecture, hybrid environments, and Microsoft's security stack.
• Ability to lead technical workshops, architecture reviews, and strategy sessions with enterprise customers.
• Proficiency in developing security architecture diagrams, KQL queries, and logic apps.
• Familiarity with cloud security, identity governance, data protection, and threat detection techniques.
• Experience with architecture governance, audits, and design assurance practices.

Preferred Certifications

• SC-100: Microsoft Cybersecurity Architect (highly recommended)
• SC-200: Microsoft Security Operations Analyst
• AZ-500: Azure Security Engineer Associate
• SC-300: Microsoft Identity and Access Administrator
• TOGAF, CISSP, CISM (preferred but optional)

Role Purpose

The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats

Do

1. Design and develop enterprise cyber security strategy and architecture

a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses

b. Identify risks associated with business processes, operations,

information security programs and technology projects

c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge

d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements

e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations

f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc.

g. Provide support during technical deployment, configuration, integration and administration of security technologies

h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc.

i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity

j. Provide solution of RFPs received from clients and ensure overall design assurance

i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives

ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture

iii. Depending on the clients need with particular standards and technology stacks create complete RFPs

iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology

v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions

vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps

vii. Evaluate and recommend solutions to integrate with overall technology ecosystem

viii. Tracks industry and application trends and relates these to planning current and future IT needs

2. Stakeholder coordination & audit assistance

a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations

b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security

c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements

d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers

e. Provide training to employees on issues such as spam and unwanted or malicious emails

Mandatory Skills: Privilege Password Management CyberArk.

Experience: 10 YEARS.

Job title/role: Security Architect

Experience – 11 to 14 years

Location – Hyderabad, Bangalore, Pune.

About Zensar:

Zensar is a digital solutions company helping organizations around the world achieve new thresholds of business performance. We work with clients in banking and financial services, hi-tech and manufacturing, insurance, consumer services, and more. We prepare our clients for sustainable success through experience design, cloud technology, advanced analytics, and business acceleration.

Zensar is seeking an experienced Data Loss Prevention (DLP) specialist to join our global cyber security operations and incident response team. The DLP focused Cybersecurity Operations and Incident Response Engineer is a critical member of the team providing subject matter expertise in the detection, alerting, and investigation of DLP incidents. Successful candidates will have a strong background in DLP analytics, investigation, and incident management.

We are seeking an experienced Microsoft Defender for Endpoint Architect to design, implement, and optimize our organization's endpoint security architecture. The ideal candidate will provide strategic leadership in integrating Microsoft Defender for Endpoint with our broader security ecosystem.

Key Responsibilities

• Design and architect the Microsoft Defender for Endpoint solution to align with organizational security goals and compliance requirements
• Develop long-term strategies for endpoint security, incorporating Microsoft Defender for Endpoint as a core component
• Lead the integration of Microsoft Defender for Endpoint with other security tools and platforms within the Microsoft ecosystem and beyond
• Provide technical leadership and mentorship to the security team
• Collaborate with senior management to define security policies and procedures
• Conduct regular architecture reviews and recommend improvements
• Stay abreast of emerging threats and new features in Microsoft Defender for Endpoint and related technologies

Required Qualifications

• Bachelor's degree in Computer Science, Information Security, or related field; Master's degree preferred
• 10+ years of experience in cybersecurity, with at least 7 years focusing on endpoint security architecture
• Deep expertise in Microsoft Defender for Endpoint and the Microsoft 365 security stack
• Strong understanding of enterprise security architectures and how endpoint security fits into the bigger picture
• Experience in designing and implementing large-scale endpoint security solutions
• Proficiency in cloud security concepts and implementations, particularly in Azure
• Excellent communication skills, with the ability to translate complex technical concepts to both technical and non-technical stakeholders

Preferred Qualifications

• Relevant advanced certifications (e.g., Microsoft Certified: Cybersecurity Architect Expert, CISSP)
• Experience with other major EDR/XDR solutions for comparative insights
• Knowledge of regulatory compliance requirements (e.g., GDPR, HIPAA, PCI DSS)
• Familiarity with MITRE ATT&CK framework and its application in architecture design
• Experience in scripting and automation for security operations

Relationships:

You will work with CIS Team (Shared Services, Network, Security, Applications) architects, engineers, developers, support, and leadership team on projects and provides subject matter expertise as necessary.

Maintaining a good relationship with our global IT teams is key to your success. In your role you will need to be able to communicate with people at all levels in the organization and work with several of our suppliers and partners.

Exp. in microservices architecture, app, infra, and network security, and familiarity with banking systems. The role requires knowledge of API security, Docker, Kubernetes, and OpenShift.

Connect me for more clarification at

Required Candidate profile

Security Architect (SSEA) reports to the Head of Architecture but is also accountable to the Delivery Head & Lead in the business/functional domain.

Job Description:

Security Architecture is part of Jio's Information Security Team. Primary responsibility of this team is to design & architect secure solutions and to identity threats in early design/architect phases of product development cycle. Drive secure by design initiatives in the organization & mentor delivery teams with right security direction & controls to protect customer data.

Key Responsibilities:

• Design security architecture and data protection controls for on-premises IT applications.
• Design security architecture and data protection controls for applications deployed in AWS/GCP/Azure/OpenStack cloud.
• Design security measures for applications deployed on containers and application built using Free and Open Source Systems.
• Design and review identity and access management system.
• Develop and enforce security policies and procedures related to network security architecture.
• Assess applications against the security architecture guidelines and best practices.
• Research and evaluate new security products.
• Assist in building security-monitoring capability for applications deployed in AWS/GCP/Azure/OpenStack cloud.
• Research on current threat landscape and identify associated security issues for the organization.
• Person should be knowing scripting like SHELL / PYTHON / PERL / TCL.

Mandatory Skills:

• Good understanding of security architecture principles such as network segmentation, authentication, authorization, encryption, audit & logging.
• Experience in security design and deployment experience for GCP/AWS/GCP/Azure cloud environments.
• AWS/GCP - Security Groups, AWS/GCP WAF, Inspector, cloud watch, Shield, Cloud Config, Key management, IAM etc.
• Experience in Network Security such as network IPS, proxy firewalls, XDR, end point protection, sand boxing etc.
• Experience in Application Security such as code reviews, code audit, penetration testing, kube bench, OWASP Top ten exposure etc.
• Azure NSG, WAF, Azure API management, Azure security center, Storage security, IAM, etc.
• Experience and understanding of various authentication and authorization mechanism such as SAML/OpenID/OAuth and using various Identity and Access management platform.
• Knowledge of industry best practices, methodologies, tools, etc. in the field of cybersecurity.

*Mandatory Certifications: CEH*