Associate Distinguished Engineer (Information Security Architect)

👋🏼We're Nagarro

We are a Digital Product Engineering company that is scaling in a big way! We build products, services, and experiences that inspire, excite, and delight. We work at scale — across all devices and digital mediums, and our people exist everywhere in the world (18000+ experts across 36 countries, to be exact). Our work culture is dynamic and non-hierarchical. We're looking for great new colleagues. That's where you come in.

LOCATIONS: Gurgaon/ Noida/ Pune/ Jaipur/ Bangalore/ Hyderabad

REQUIREMENTS:

• Experience: 14+yrs
• Must have: Cloud Security - General Experience, Security Assessment, Security Automation, Security Roadmapping
• Demonstrable experience in Information Security in operations, engineering, or architect roles.
• Expertise in application and secure software design principles, common attack patterns, OWASP top 10 risks/vulnerabilities/solutions, and frameworks.
• Understanding of Identity and Access Management in enterprise and hybrid environments, including SSO, OAuth, SAML, AD & ADFS, Privileged Access Management, RBAC, PKI, and Encryption.
• Professional experience with modern technologies such as public and private cloud (AWS, GCP, Azure), containerization and orchestration (Kubernetes), and microservice architectures.
• Strong understanding of audit and risk frameworks (COBIT, NIST, ISO), standards (ISO 27000 family, HITRUST), and government guidelines and laws (HIPAA, GDPR).
• Proficiency in application security architecture concepts across technologies and application security disciplines for compliance (DAST, SAST), Data Security, Vulnerability Assessment, and Penetration Testing (VAPT).

RESPONSIBILITIES:

• Act as an architect and trusted advisor, defining, delivering, and maintaining secure architecture patterns across complex, global architectures.
• Introduce improvements in implementation patterns and architectural design concepts.
• Secure modern technologies such as Cloud, Kubernetes, Containers, and Serverless platforms, ensuring security and risk mitigation.
• Promote and drive a DevSecOps culture within the organization.
• Provide thought leadership as an active member of the Architecture CoE team.
• Participate in proof of concepts and other technical evaluations of cybersecurity technologies, designs, and solutions.
• Conduct Security Architecture Reviews and provide technical design/architecture advice to internal teams for securely developing and building applications/supporting systems.
• Collaborate with technical architects to evaluate business requests and proposed designs, recommending optimal solutions to meet security and regulatory requirements.
• Work with the Practice team to identify and qualify business opportunities.
• Create frameworks, questionnaire toolkits, and assessment tools to facilitate workshops with customers.

Bachelor's or Master's degree in computer science, Information Technology, or a related field.

Click here to access the application privacy notice