Cocolevio - Security Architect - iAM/PAM (10-15 yrs)

Responsibilities :

- Design and implement comprehensive security architectures for on-premises, cloud, and hybrid environments.

- Develop security policies, standards, and procedures to ensure compliance with industry best practices and regulatory requirements.

- Evaluate and recommend security technologies and solutions to address evolving threats.

- Lead the design and implementation of security controls for applications, systems, and networks.

- Conduct security risk assessments and vulnerability analyses to identify potential threats and weaknesses.

- Develop and implement risk mitigation strategies and remediation plans.

- Perform security audits and compliance reviews.

- Provide guidance on security best practices and risk management principles.

- Design and implement security controls for cloud platforms (AWS, Azure, GCP).

- Ensure secure configuration of cloud services and resources.

- Implement cloud security monitoring and logging solutions.

- Develop and maintain cloud security policies and procedures.

- Design and implement encryption solutions for data at rest and in transit.

- Evaluate and recommend encryption technologies and key management systems.

- Ensure compliance with data protection regulations and standards.

- Implement data loss prevention (DLP) strategies.

- Design and implement IAM solutions, including authentication, authorization, and access control.

- Develop and maintain IAM policies and procedures.

- Integrate IAM systems with applications and services.

- Implement privileged access management (PAM) solutions.

- Design and implement security controls for APIs, including authentication, authorization, and rate limiting.

- Perform API security testing and vulnerability assessments.

- Develop and maintain API security policies and procedures.

- Participate in incident response activities and provide technical expertise.

- Develop and maintain incident response plans and procedures.

- Collaborate with security operations teams to monitor and respond to security events.

- Communicate security risks and solutions effectively to both technical and non-technical stakeholders.

- Collaborate with cross-functional teams, including developers, system administrators, and business units.

- Provide security training and awareness programs.

- Document security architectures, policies, and procedures.

- Stay up-to-date with the latest security threats, technologies, and best practices.

- Research and evaluate new security solutions and methodologies.

- Drive continuous improvement of security processes and procedures.

Technical Skills & Qualifications :

- 10+ years of experience in security architecture and related fields.

- Deep understanding of security principles, frameworks, and best practices.

- Extensive experience with cloud security (AWS, Azure, GCP).

- Strong knowledge of encryption technologies and key management systems.

- Expertise in identity and access management (IAM) and privileged access management (PAM).

- Experience with API security and web application security.

- Proficiency in risk management and security assessment methodologies.

- Strong understanding of network security, operating systems, and application security.

- Experience with security tools and technologies (SIEM, vulnerability scanners, penetration testing tools).

- Excellent communication and presentation skills.

- Strong problem-solving and analytical skills.

- Ability to work independently and as part of a team.