Information Security Specialist

Collaborate with clients to understand their business objectives, security concerns, and regulatory requirements
Conduct security assessments and audits to identify vulnerabilities and risks in the existing infrastructure

2. Security Design and Architecture:

Design and architect secure and scalable solutions that align with client requirements
Develop comprehensive security architectures, including network, system, and application security

3. Risk Management:

Conduct risk assessments and provide recommendations for risk mitigation
Define and implement security policies, standards, and procedures to ensure compliance with industry regulations

4. Technology:

Evaluate and recommend security technologies and tools to enhance the overall security posture.
Stay abreast of emerging security threats and technologies to proactively address potential risks.

5. Security Awareness and Training:

Provide guidance and training to client teams on security best practices.
Foster a security-conscious culture within client organizations.
6. Collaboration with Stakeholders:

Collaborate with internal and external stakeholders, including IS teams, management, and third-party vendors.
Act as a trusted advisor to clients, providing expert guidance on security matters.

7. Documentation and Reporting:

Prepare detailed HLD documentation, including security architecture diagrams, risk assessments, and security policies.
Provide regular reports on the state of customer security posture and recommendations for improvement.

5 years of proven experience as Information Security Architect

In-depth knowledge of security architectural consideration from End to End Applicative & Infrastructure security perspective
Experience with Cloud solutions (IaaS, PaaS, SaaS - AWS, Azure, GCP, OCI)
2-3 years of proven experience in defining security requirements, designing security architectures and security project implementation
Experience in leading cross-domain solutions
Knowledge of information security concepts, design/architecture, and methodologies
Knowledge with security aspects of OS, Database, Network, K8S, Serverless, IAM, WAF
Knowledge and experience with security controls and tools such as XDR, vuln MNG, WAF, API GW, CSPM, SIEM and threat hunting
High understanding of Encryption, Identity management, Federations, Logging monitoring and governance practices.
Knowledge of compliances (PCI DSS, Sox, DPA, etc.) and IS standards (ISO 27001, BS25999, ISO 2700X, OWASP, CIS, etc.)
Knowledge of S-SDLC methodology procedures, CICD and DevOps Methods
Security-related certifications (CCSP, CISSP, CISM, CISA, etc.) - Advantage