122 Security Architecture jobs in Mumbai

Business Function

Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.

Job Summary:

We are seeking a highly skilled and experienced Security Architect to design, build, and maintain bank's and Vendor security architecture. This role will be responsible for evaluating and improving Bank/Vendor security posture, ensuring that systems, data, applications, and networks are secure and compliant with industry standards, regulations, and best practices and maintaining the ATM Logical security.

Key Responsibilities:

Security Architecture Design:

Design and implement robust security architectures for cloud, on-premises, and hybrid environments.

Develop and enforce security policies, standards, and procedures across systems and applications.

Define security requirements and work with relevant teams to ensure secure system design and integration.

Risk Management & Compliance:

Conduct risk assessments and recommend mitigation strategies.

Ensure compliance with relevant regulatory frameworks (e.g., ISO 27001, NIST, PCI-DSS).

Support audits and respond to security-related inquiries, regulatory compliance (e.g. DPSC, RBI Cybersecurity Framework, SEBI CSCRF, IT outsourcing guidelines digital lending norms).

ATM Logical Security:

Ensure Logical controls on all the bank ATM terminals is inline to bank standard.

Perform periodic ATM security assessment covering Vulnerability management, Host level security etc.

Perform periodic Governance of the ATM logical security controls.

Collaboration & Guidance:

Serve as a security advisor to business units, IT, Business partners, Vendors and Application teams.

Lead threat modeling exercises and provide security reviews for new systems, Projects or services.

Regulatory Reporting;

Ensure timely and accurate submission of periodic and ad-hoc returns, statements, and reports of regulatory submissions like Quarterly Cyber KRI, Tranche I, Tranche II, Tranche III etc.

Maintain records of all regulatory submissions, approvals, and correspondences with RBI.

Training & Awareness:

Conduct training sessions and awareness programs on RBI regulations and compliance best practices.

Promote a culture of regulatory compliance and ethical conduct across the organization.

Monitoring & Response:

Collaborate with Security Operations to develop and improve monitoring and incident response capabilities.

Assist in the investigation of security breaches and help with the root cause analysis.

Security Tools & Technologies:

Manage security solutions such as SIEM, EDR, WAF, IAM etc.

Stay up-to-date on the latest cybersecurity trends, technologies, and threat landscapes.

---

Requirements

Skills & Competencies:

Primary Location

Job

Schedule

Employee Status

Job Posting

Key Responsibilities:

Global Network Security Operations with managing Incidents and Requests on
Palo Alto Firewall
, DNS,DHCP, Proxy (Zscaler and Netskope )

Key Performance Indicators:

Firewall Implementation, Resolution of
Palo Alto Firewall
, DNS, DHCP, Proxy (Zscaler and Netskope ) Incidents and Requests to maintain high Network Availability for end users / businesses

Qualificaton:

B.E (EXTC)

Functional Skills/Competencies:

Perfect communication in English, End-user service oriented, Good Interpersonal skills, Ability to work under pressure,Rigour and synthesis, Advanced level of troubleshooting skills

Behavioral Skills/Competencies:

Autonomy, Able to demonstrate rigour and a willingness to adhere to the defined processes and procedures,Strong understanding and knowledge of Internet infrastructures, Experience in IT infrastructure support

Position Purpose

The main activities of the Head iNet is to manage, maintain, implement and promote secured, robust, stable, redundant, Network Security infrastructure. Explore, evaluate and propose latest technologies in security domain. Lead BAU team for operational activities, any critical incident or task. The person will lead the team ensuring effective service management to meet service-level agreements and control costs.

Responsibilities - Technical & Behavioral Competencies

The iNet engineer acts as escalation point for technical issues regarding iNet technology platforms and works jointly with other infrastructure teams for delivering projects and implementing required changes in the iNet technology platforms as well as keeping the platform up.

The iNet team supports the following technologies:

• Firewall Systems (Checkpoint & Fortinet)

• Global Traffic Managers (F5)

• Load Balancers (F5 & AVI networks)

• SSL Accelerators (F5)

• DNS/DHCP (Infoblox)

• Proxies (SkyHigh Web Gateway & Bluecoat)

• HSM Appliances (Entrust)

The technical environment of this position is as follows. Proven track record in at least two of these is required:

Firewalls: Advanced knowledge of concepts relating to firewall platforms and related network environments (platform architecture, topologies, protocols.).

Operational experience of Fortinet and Checkpoint technologies appreciated.

Proxies: Strong familiarity of SSL/TLSs protocols, and mastery of concepts related to proxy technology (functional scope and purpose, traffic intermediation and security stack.).

Operational experience of SkyHigh and Bluecoat technologies appreciated.

Load-balancing: Strong familiarity of load-balancing concepts (topologies, platform architecture, load-balancing algorithms & parameters.) and DNS/GSLB load-balancing.

Experience with F5 technology appreciated.

DNS/DHCP: Familiarity of concepts and architectures relating to DNS, DHCP and IPAM.

Operational experience of Infoblox technology appreciated.

Remote access: Familiarity of concepts and protocols related to end-user VPNs (both IPSEC & SSL).

Operational knowledge of Cisco ASA/FTD platforms appreciated.

Administration: Operational knowledge of monitoring software (Zabbix / solarwinds / HPOO / Dynatrace.) and protocols (mostly SNMP).

Ability to use, repurpose, troubleshoot, and possibly develop administration scripts (python, bash, perl).

Operational experience of Ansible use for automation & deployment.

The key responsibilities for this role are:

Adapt and maintain standard firewall, load-balancer, proxy and DDI architectures and ensure supporting documentation is accurate.

Maintain platforms (software and hardware lifecycle management) for all technology described above.

Define & deliver vision and roadmap in collaboration with the head office.

Prioritize teams backlogs based on objectives and work at hand.

Leads vendor relationships with owned technologies.

Interacts with stakeholders across the organization to understand their security needs and expectations.

Ensure that all systems are properly monitored and manage alerts when they happen.

Ensure that all asset referential are kept up to date, and manage remediation when reconciliation shows some gaps

Expected profile:

8+ years of hands-on field experience in the iNet technical scope.

Ability to work efficiently under pressure in high-stress incident situations.

Demonstrate leadership experience with large, complex programmes, and deeply technical global expert.

Seasoned technology leader with rich experience of leading engineering teams.

Oral and written fluency in English.

Specific Qualifications (if required)

B.E or Equivalent

CCNP (Routing & Switching)

Purpose of the Role

We are seeking a highly skilled and experienced Network Level 3 Subject Matter Expert (SME) to join our team. The ideal candidate will have 10+ years of hands-on experience in configuring, troubleshooting, and optimizing complex network infrastructures, including Routers, Switches, SD-WAN devices, Enterprise Firewalls, P2P Links, MPLS Links, and Routing Protocols. As a Network SME, you will be expected to independently design and troubleshoot intricate network issues with minimal technical assistance.

The candidate should be capable of working on large-scale heterogeneous networks, ideally with over 600+ devices and 4500+ users spread across India or globally. A CCIE certification is highly preferred.

Please find the JD.

Role & Responsibilities

• Network Design & Architecture:
• Oversee the design, deployment, and maintenance of the company's network infrastructure, including LAN, WAN, VPN, SDWAN, MPLS, firewalls, routers, and switches.
• Ensure the network architecture aligns with business needs and industry best practices.
• Evaluate emerging technologies and recommend network enhancements.

• Network Security & Compliance:
• Implement and enforce network security protocols to protect the company's data and assets.
• Ensure compliance with relevant regulations, standards, and best practices.
• Conduct regular security audits and vulnerability assessments.

• Operational Management:
• Monitor network performance and reliability, ensuring maximum uptime and minimal disruption to business operations.
• Oversee network troubleshooting and issue resolution, including root cause analysis and preventive measures.
• Manage network capacity planning and upgrades to accommodate business growth.

• Vendor & Stakeholder Management:
• Work closely with vendors and service providers to negotiate contracts, manage relationships, and ensure delivery of high-quality network services.
• Collaborate with other departments to understand their network needs and provide technical guidance.

• Budget & Resource Management:
• Develop and manage the network administration budget, ensuring cost-effective use of resources.
• Oversee the procurement of network equipment and services, ensuring alignment with the budget and strategic goals

• Miscellaneous
• Respond to alerts and incidents related to Network operations and escalate issues as necessary.
• Perform routine maintenance tasks such as backups, patch management, and system updates.
• Document processes, procedures, and system configurations.
• Resolve day to day issues related to Network and provide timely updates to manager
• Perform root-cause analysis on repeated issues to enable future prevention
• Ensure all Network equipment’s are up-to-date with latest patches. Adhere to IT security procedures & processes
• Review daily pending ticket and ensure they are resolved within agreed SLA’s
• Logging of call with OEM / vendors in case of any errors/break downs
• Manage & deliver mid to large scale IT projects

Qualifications & Skills

• Minimum 10+ years of relevant experience in managing large & complex networks on PAN India basis.
• Hands on experience to configure Routers, Firewall, Switches, SDWAN devices & other technologies
• Experience with network automation tools, scripting, and network monitoring solutions
• Knowledge of advanced security technologies (Firewalls, IPS/IDS, VPN, etc.) and best practices.
• Experience in managing or deploying SD-WAN solutions in large enterprise networks
• Very strong customer service skills
• Strong vendor management skills
• Proven experience as a Senior Network Administrator or in a similar role.
• Strong knowledge of Routers, Switches, Firewall, SDWAN devices, etc.
• Experience with Network monitoring tools and software’s.
• Ability to troubleshoot network related issues (hardware and software) independently.
• Excellent communication skills and the ability to work effectively in a team environment.
• Adept to work in a fast paced business environment and deliver within tight deadlines
• Have managed support for network equipment’s more than 600+ devices
• Help create technical documentation and manuals
• Exposure to compliance standards as ISO27001 and PCI DSS would be an added advantage

Qualification:

• Diploma or Degree holder
• IT Certifications (CCNA, CCIE, etc.) preferred but not mandatory

Role-Network & Security Lead (L3)

Location-Mumbai

Experience-8 years to 10 Years

Skill Set-Switching & Routing(Cisco, HP, Juniper),Access Points (CISCO ISE),Wireless Controller (CISCO ISE), Firewall (Cisco, HP, Juniper, Fortinet),VPN (Cisco, Fortinet)

Job Title: Security L2 Engineer

Location: Mumbai Airoli

Work Mode: Work from Office (5 Days Working - General Shift)

Budget: 18 LPA

Overview:

We are seeking a highly skilled and experienced Security L3 Engineer to join our team. This individual will be responsible for managing, troubleshooting, and optimizing security infrastructure across various technologies, ensuring the security of our network and data. The ideal candidate will have extensive hands-on experience with firewalls, IDS/IPS, proxies, WAF, and email gateways, specifically with Palo Alto, Juniper SRX, Fortigate, McAfee, Zscaler, Akamai, and Cisco Ironport.

Key Responsibilities:

Firewall Management:

• Configure, manage, and troubleshoot Palo Alto, Juniper SRX, and Fortigate firewalls to ensure optimal security configurations, rule sets, and access control policies.
• Perform regular firewall audits, identify security vulnerabilities, and provide recommendations for improvements.

IDS/IPS Management:

• Monitor and manage McAfee IDS/IPS systems for intrusion detection and prevention.
• Analyze and respond to security alerts, ensuring timely incident response and escalation where necessary.

Proxy Management:

• Configure and maintain McAfee and Zscaler proxy solutions to monitor and secure internet traffic.
• Troubleshoot proxy-related issues and ensure that web traffic is being securely filtered according to company policies.

WAF Management:

• Administer and optimize Akamai Web Application Firewall (WAF) to protect web applications from threats and vulnerabilities.
• Conduct performance tuning and ensure continuous protection for applications against evolving threats.

Email Gateway Security:

• Manage and maintain Cisco Ironport email gateway for email security, including spam filtering, malware detection, and preventing phishing attacks.
• Monitor email traffic, troubleshoot security issues, and ensure compliance with email security best practices.

Security Incident Management:

• Respond to and investigate security incidents, conducting root cause analysis and ensuring effective remediation steps are taken.
• Work closely with internal teams and external vendors to mitigate any security threats.

Security Policy and Procedure Development:

• Assist in the development and enforcement of security policies, procedures, and best practices across the organization.
• Ensure that security policies and procedures are updated in accordance with industry standards and regulations.

Collaboration and Reporting:

• Collaborate with cross-functional teams to ensure seamless security operations and compliance.
• Prepare and present security reports to senior management, highlighting critical issues and recommending solutions.

Mentoring and Support:

• Provide guidance and mentoring to junior team members, sharing best practices and knowledge in security management.
• Act as an escalation point for complex security issues and provide advanced troubleshooting support.

Qualifications and Skills:

Experience:

• At least 6+ years of hands-on experience working with security technologies, specifically Palo Alto Firewalls, Juniper SRX, Fortigate, McAfee IDS/IPS, McAfee/Zscaler Proxy, Akamai WAF, and Cisco Ironport.
• Experience in managing complex network security infrastructure and ensuring its proper functioning.
• Certifications: Palo Alto Networks Certified Network Security Engineer (PCNSE) (preferred).
• Certified Information Systems Security Professional (CISSP) or equivalent (preferred).
• Any relevant certifications for McAfee, Zscaler, Akamai, Juniper, Fortigate, and Cisco Ironport (highly desirable).

Technical Skills:

• In-depth knowledge of network security protocols and technologies.
• Strong understanding of firewall configurations, IDS/IPS systems, email security, web application firewalls, and proxy solutions.
• Expertise in incident management, vulnerability analysis, and security monitoring tools.
• Strong troubleshooting and analytical skills.
• Soft Skills:
• Excellent communication and interpersonal skills, with the ability to collaborate effectively with both technical and non-technical teams.
• Strong organizational and time management skills, with the ability to handle multiple priorities and meet deadlines.

Certifications required –

• PCNSA/PCNSE
• JNCIA/JNCIP Security
• ZIA-A/ZIA-P -ZscalerInternet Access