IT Security Architect (Product and Infrastructure)

AutoRABIT Profile

AutoRABIT is the leader in DevSecOps for SaaS platforms such as Salesforce. Its unique metadata-aware capability makes Release Management, Version Control, and Backup & Recovery complete, reliable, and effective. AutoRABIT’s highly scalable framework covers the entire DevSecOps cycle, which makes it the favourite platform for companies, especially large ones who require enterprise strength and robustness in their deployment environment.

AutoRABIT increases the productivity and confidence of developers which makes it a critical tool for development teams, especially large ones with complex applications. AutoRABIT has institutional funding and is well positioned for growth. Headquartered in San Ramon, CA and with customers worldwide, AutoRABIT is a place for bringing your creativity to the most demanding SaaS marketplace. 

Job Role

As an Infrastructure & IT Security Architect, you will spearhead the development, implementation, and continual refinement of our organization's IT and cloud security frameworks as well as creating secure architecture for web applications. This role demands a thorough understanding of hardware, software, cloud, and development security solutions, across physical infrastructures and cloud-based platforms, ensuring our data and assets remain secure against evolving threats while adhering to stringent compliance standards. This role is ideal for a proactive, detail-oriented individual adept in complex security system management and dedicated to upholding best practices in IT security across the organization.

Roles & Responsibilities

• Security System Design: Craft and maintain comprehensive security architectures that unify various IT security components, including firewalls, intrusion detection systems, local networks, and corporate clouds (Azure, MDM, M365 Email).
• Risk Assessment and Management: Conduct detailed assessments to pinpoint vulnerabilities within the IT infrastructure, crafting and implementing robust strategies to mitigate identified risks.
• Policy Development and Compliance: Draft, update, and uphold IT security policies and procedures, ensuring alignment with legal standards and regulatory requirements such as SOC2, HIPAA, PCI DSS, ISO/IEC 27001, and FedRAMP.
• Incident Response: Lead the incident response protocol, managing security breaches and cyber incidents in cooperation with the InfoSec team.
• Vendor Management: Manage third-party vendors to ensure compliance of their software, services, and infrastructure with our security standards.
• Training and Development: Conduct training sessions to bolster security awareness and practices within the organization.
• Cloud Security Management: Oversee security for cloud infrastructure across AWS and Azure, managing compliance and serving as a point of contact for related audit activities.
• Audit and Evidence Management: Facilitate internal and external audits by providing necessary documentation and evidence, ensuring compliance with security audits.
• Web Application Security: Design and implement secure architectures for web applications, enforce secure coding practices, conduct threat modeling, and implement security measures like authentication, authorization, and data protection. Ensure the development process adheres to industry standards such as OWASP Top 10 and secure software development frameworks.
• Responsibility to adhere to set internal controls.

Desired Skills and Experience

• Expertise in SIEM (Elasticsearch); IDS/IPS/EDR/NDR/XDR (Trendmicro); IAM (Okta, Microsoft AD); and vulnerability scanning and penetration testing tools (Qualys, Nessus, Burp Suite).
• Proficient in security protocols (SSH, HTTPS, IPsec, DKIM, SPF, DMARC) and encryption technologies (PGP, Veracrypt, SSL/TLS).
• Familiar with cloud security management tools (SecurityHub, GuardDuty, Macie, Inspector, CloudTrail, Config, WAF, Shield, DLP, Threat Intelligence).
• Skilled in infrastructure as code automation tools (Ansible, Terraform) and scripting languages (Bash, Python), as well as AWS and Azure Cloud Infrastructure.

• Proficient in managing network architecture including LAN, WAN, VPN.
• Able to perform threat modeling and security risk assessments effectively.
• Knowledgeable in Windows, Mac, Linux OS, and cloud server environments.
• Fluent in English, both written and spoken, to effectively communicate and document security processes and compliance.

Educational and Professional Requirements

• Bachelor’s degree in computer science, Cybersecurity, or a related field.
• Relevant professional certifications (e.g., CISSP, CISM, CEH) are highly desirable.
• Approximately 10 years of demonstrated experience in IT security architecture and cloud security solutions.

Experience: 10+ years

Location: Hyderabad

Travel Required: Yes, 20% 

Website: https://www.autorabit.com/