Job Description

VP, Security Architect

Our Ideal Candidate

• Bachelor\'s degree in engineering, computer science, preferably majoring in cybersecurity.
• 3 and more years of experience in security architecture roles, leading complex architectural projects with multiple stakeholders, utilizing various security tools/technologies.
• 2-3 years hands-on experience (coding in Java, JS, Python) ideally full stack development.
• Proven threat modelling experience using STRIDE/MITRE/OWASP and/or other threat modelling methodologies for complex systems (ideally MITRE ATT&CK Defenders (MAD) Certified).
• 1-2 years of experience in networking architecture and/or networking security architecture and/or AWS networking specialty certified / Cisco CCNP Security / etc.
• Deep technical skills with good understanding in cross-functional technologies (IAM, data protection, threat management, vuln management, etc.) ability to dive into technical engineering details.
• Experience in offensive tactics, techniques, and procedures (TTPs), pen-testing / hacking background or (OSCP, CEH master) certified.
• Excellent communication skills, ability to explain complex topics to both technical and non-technical audiences. Proven ability to influence relevant stakeholders and decision makers.
• Excellent organisational skills, ability to manage deadlines and effectively prioritise multiple projects.

Role-Specific Technical Competencies

• Experience working in security architecture/engineering roles for financial institutes.
• Relevant cybersecurity certifications (AWS/Google/Microsoft Certified Security specialist, architect, GDSA, SANS GIAC, CISSP-ISSAP).
• AWS solutions architect professional certified and 3 years of experience in AWS environment or 5 hands-on years equivalent experience in AWS solution architecture.
• In-depth understanding of threat-attack methodologies (STRIDE, DREAD, OWASP, Attack trees, MITRE ATT&CK, etc.) and corresponding mitigations in an enterprise environment.
• Experience with cybersecurity frameworks e.g., NIST cybersecurity framework, NIST 800-53v5, NIST 800-37, ISO 27xxx, etc.
• Knowledge of offensive tactics, techniques, and procedures (TTPs), ideally completed training and/or certifications (OSCP, CEH, Pentest+, etc.)

Company Reg No.: 201131609D | Licence No.: 11C4684 | Sugam Bordoloi

eFinancialCareers