While technology is the heart of our business, a global and diverse culture is the heart of our success. We love our people and we take pride in catering them to a culture built on transparency, diversity, integrity, learning and growth.
If working in an environment that encourages you to innovate and excel, not just in professional but personal life, interests you- you would enjoy your career with Quantiphi!
Role : Architect - Platform (Security Specialist)
Experience: 7-14 Years
Location: Mumbai/Bangalore
Key Responsibilities
- Design, build, and secure AWS platform infrastructure using IaC (CloudFormation / Terraform).
- Implement and manage security controls across AWS environments (IAM, KMS, Secrets Manager, Network Firewall).
- Build automated security guardrails and compliance checks using AWS Security Hub, Config, and IAM Access Analyzer. Develop secure CI/CD pipelines, including automated policy checks, vulnerability scans, and artifact integrity validation.
- Implement centralized logging and monitoring using CloudWatch, SIEM tools, GuardDuty, and VPC Flow Logs.
- Collaborate with application and DevOps teams to define secure architecture patterns, network segmentation, and zero-trust controls.
- Conduct regular security assessments, risk reviews, and threat modelling for workloads hosted on AWS.
- Enforce tagging standards, data-classification controls, and lifecycle policies across AWS resources.
- Support incident response activities, root-cause analysis, remediation planning, and post-incident improvements.
- Document platform security design, runbooks, best practices, and alignment with enterprise security standards.
- Manage and integrate security tools such as SIEM, DLP, Cloud Proxy, CASB, or Isolation systems when relevant to AWS workloads.
- Provide training and guidance to engineering teams on secure AWS usage, identity governance, and least-privilege access.
- Experience integrating AWS environments with Security Operations Centers (SOC) for real-time alerting, threat detection, and incident escalation workflows.
Must Have Skills
- Overall 7+ years of Experience in AWS Cloud platform/security engineering and 3-5 years of experience in cloud security/cybersecurity.
- Deep knowledge of AWS security services: IAM, KMS, Security Hub, GuardDuty, AWS Config, VPC Security, WAF, Network Firewall.
- Strong understanding of cloud security models, zero-trust principles, least privilege, encryption, data protection, and network security fundamentals.
- Hands-on experience with either of IaC tools: CloudFormation, Terraform, CDK.
- Proficiency in scripting languages such as Python or Bash for automation.
- Experience setting up centralized logging, SIEM integrations, and security event monitoring.
- Strong understanding of CI/CD security, artifact scanning, secrets management, and pipeline hardening.
- Knowledge of network security tools and concepts: firewalls, proxies, routing, segmentation, DLP, isolation appliances.
- Familiarity with compliance frameworks (GDPR, HIPAA, PCI, SOC2) and ability to enforce security baseline standards.
- Strong analytical and troubleshooting skills to resolve platform and security issues.
- Excellent communication and collaboration skills to work across cross-functional engineering and security teams.
- Exposure to advanced data protection practices such as data classification, DLP controls, encryption strategy design, and secure data lifecycle management.
Good to Have Skills
- Experience securing multi-cloud (AWS + GCP/Azure) environments.
- Experience with container security for ECS/EKS (image scanning, runtime protection, IAM roles for tasks).
- Knowledge of SIEM platforms like Sumo Logic, Splunk, or Datadog.
- Experience with AWS Macie, Detective, and advanced data governance solutions.
- Exposure to zero-trust security, identity federation, and SSO (Azure AD/Okta).
- Familiarity with incident response processes and playbook automation (SOAR).
- Experience designing isolation, or exfiltration-prevention controls.
- Additional security certifications (CISSP, CISM, CCSP, AWS Security Specialty)
- Understanding of SOC processes, including Tier-1/2/3 triage, playbook execution, case management, ticketing systems, and threat intelligence enrichment.
- Hands-on knowledge of security incident management, including detection, investigation, containment, eradication, recovery, and post-incident reviews.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!
