Security Architect - Threat Modeling (5-7 yrs)

Job Description :

Responsibilities :

- Define and implement a comprehensive cloud security architecture, including security controls for data security, identity and access management, threat detection and response, and compliance.

- Design and implement security controls for cloud services such as IaaS, PaaS, and SaaS.

- Evaluate and recommend cloud security tools and services.

- Design, implement, and maintain ForgeRock Access Management solutions for authentication, authorization, and single sign-on.

- Configure and administer ForgeRock Access Management components, including user directories, authentication mechanisms, and authorization policies.

- Integrate ForgeRock Access Management with other security and business applications.

- Document the implementation of cloud security controls and transition to cloud security-managed operations.

- Develop and implement security monitoring and alerting mechanisms.

- Conduct security assessments and vulnerability scans.

- Investigate and respond to security incidents.

- Ensure compliance with relevant security standards and regulations (e., ISO 27001, SOC 2, GDPR).

- Advise on security best practices and implement security awareness programs.

- Collaborate with development teams, operations teams, and business stakeholders to ensure security is integrated into all phases of the software development lifecycle.

- Communicate security risks and mitigation strategies effectively to stakeholders.

Qualifications :

- 5+ years of experience in information security with a strong focus on cloud security.

- In-depth knowledge of cloud security best practices and frameworks (AWS Well-Architected Framework, Azure Security Benchmark).

- Hands-on experience with ForgeRock Access Management.

- Experience with cloud platforms (AWS, Azure, GCP).

- Strong understanding of security principles and concepts, including threat modeling, vulnerability management, and incident response.

- Experience with security tools and technologies (SIEM, IDS/IPS, firewalls).

- Excellent analytical and problem-solving skills.

- Strong communication and interpersonal skills.

- Ability to work independently and as part of a team.

- Bachelor's degree in Computer Science, Cybersecurity, or a related field.

Bonus Points :

- Industry-recognized security certifications (CISSP, CISM, AWS Certified Security Specialty).

- Experience with scripting languages (Python, PowerShell).

- Experience with DevOps methodologies and tools