Job Title : DevSec Cybersecurity Architect.
Permanent/FTE/Contract: Contract( Local Only)
Mode of work: WFO.
Location: Bangalore.
Experience: 12 Years.
Budget: 26.7 LPA .
Notice Period : Immediate to 15 days.
Job Summary:
DevSec Cybersecurity Architect to play a crucial role in ensuring the security of our applications throughout all stages of development and to lead cybersecurity projects and POCs related to telecom and enterprise networks. The ideal candidate will bridge the gap between development operations and security teams implementing robust security measures and best practices across our organization.
Looking for some strong Cyber Security Architect with CISSP or CISM
Application Security experience is required
Exp with DevOps
AI / ML IoT 2G / 3G / 4G /5G experience is required.
Key Responsibilities:
1. Application Security:
* Develop Applications security maturity model by defining the current Asis status and Tobe and the roadmap to reach the targeted maturity level.
* Define all metrics and KPIs to define the application security maturity index in Salam
* Design and implement secure software development lifecycles (SSDLC)
* Conduct security architecture reviews and threat modeling for applications
* Integrate security testing tools into CI/CD pipelines
* Develop and maintain security standards and guidelines for developers
* Perform code reviews to identify and mitigate security vulnerabilities
* Design and implement secure applications architectures for telecom and enterprise environments
* Develop and maintain Applications security policies standards and procedures
* Conduct network vulnerability assessments and penetration testing
* Stay updated on emerging threats and vulnerabilities in applications security and related topics
3. DevSecOps:
* Implement DevSecOps practices and tools to automate security processes
* Collaborate with development and operations teams to integrate security into agile methodologies
* Develop and maintain security metrics and KPIs for continuous improvement
4. Cybersecurity Projects and POCs:
* Lead and manage cybersecurity projects and proof of concepts
* Evaluate and recommend new security technologies and solutions
* Conduct research on emerging cybersecurity trends and technologies
* Prepare and present technical reports and recommendations to stakeholders
5. Compliance and Risk Management:
* Ensure compliance with relevant industry standards and regulations (e.g. OWASP ISO 27001 NCA NIST GDPR)
* Conduct risk assessments and develop risk mitigation strategies
* Participate in security audits and assist in addressing findings
6. Incident Response:
* Develop and maintain incident response plans
* Lead incident response efforts for security breaches or suspected incidents
* Conduct postincident reviews and implement lessons learned
7. Team Leadership and Collaboration:
* Mentor and guide junior security team members
* Collaborate with crossfunctional teams to ensure security is integrated into all aspects of the organization
* Communicate security concepts and requirements to both technical and nontechnical stakeholders
Required Qualifications:
* Bachelors degree in Computer Science Information Security or related field
* 8 years of experience in cybersecurity with at least 5 years in a senior or architectural role
* Strong knowledge of secure software development practices and application security
* Extensive experience in network security particularly in telecom and enterprise environments
* Proficiency in DevSecOps tools and practices
* Indepth understanding of cloud security (AWS Azure GCP)
* Experience with containerization and orchestration technologies (Docker Kubernetes)
* Familiarity with regulatory compliance requirements (NCA ISO 27001 NIST GDPR etc.)
* Strong analytical and problemsolving skills
* Excellent communication and leadership abilities
Preferred Qualifications:
Relevant certifications such as CISSP CSSLP CCSP or CISM
Experience with 3G 4G and 5G network security
Knowledge of AI/ML applications in cybersecurity
Experience with IoT security
Proficiency in scripting languages (Python Bash PowerShell)
secure software development,scripting languages,orchestration,risk,application security,network security,security,compliance,devsecops,risk assessment,threat modeling,containerization,cybersecurity,cybersecurity projects,incident response,cloud security