Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Web Application Firewall (WAF), Amazon Web Services (AWS) Security
Good to have skills : NA
Minimum 7.5 Year(s) Of Experience Is Required
Educational Qualification : 15 years full time education
Summary:
As a highly experienced AWS Cloud Security Architect, with deep expertise in AWS WAF, AWS Network Firewall, AWS Firewall Manager, and AWS Shield Advanced. The role involves architecting, leading, and governing large-scale cloud security controls across multi-account AWS environments, protecting enterprise-grade web applications and APIs from sophisticated threats.
The candidate is expected to act as a technical authority and mentor, driving security strategy, design standards, and operational excellence across cloud-native and hybrid architectures.
Roles & Responsibilities:
- Expected to be an SME, collaborate and manage the team to perform.
- Cloud & Application Security Architecture
- Architect and lead enterprise-scale implementations of AWS WAF, AWS Network Firewall, and AWS Firewall Manager across multi-account AWS Organizations.
- Design Layer 7 (L7) security controls for web applications, APIs, ALB, CloudFront, API Gateway, and AppSync
- Define standardized WAF rule sets, managed rule groups, custom rules, and exception-handling strategies
- Implement zero-trust and defense-in-depth cloud security architectures
- Threat Protection & Incident Response
- Lead mitigation strategies for OWASP Top 10, bot attacks, application-layer DDoS, SQL injection, XSS, and credential abuse.
- Drive real-time incident response including WAF rule tuning, traffic analysis, and coordinated attack mitigation
- Integrate AWS WAF and firewall logs with SIEM platforms (Splunk, Sentinel, etc.) for detection and response
Governance, Automation & Scale
Govern security policy enforcement using AWS Firewall Manager across accounts and regions
- Automate WAF and firewall deployments using Terraform / CloudFormation / CI-CD pipelines
- Establish baseline security configurations, metrics, and KPIs for continuous monitoring and improvement
- Leadership & Stakeholder Management
- Act as Subject Matter Expert (SME) for AWS perimeter and application security
- Mentor senior engineers and security teams on cloud-native security best practices
- Partner with application, DevOps, compliance, and risk teams to embed security into SDLC
- Provide architectural reviews, threat modeling, and executive-level security recommendations
Professional & Technical Skills:
- Must To Have Skills: Proficiency in Web Application Firewall (WAF), Amazon Web Services (AWS) Security.
AWS Security Services
- AWS WAF (Classic & v2)
- AWS Network Firewall
- AWS Firewall Manager
- AWS Shield Advanced
- CloudFront, ALB, NLB, API Gateway integration
- Security & Networking
- Strong knowledge of HTTP/S, TLS, DNS, TCP/IP
- Application-layer security and OWASP Top 10
- Bot mitigation, rate limiting, geo-blocking, IP reputation controls
- Experience with hybrid and multi-cloud connectivity (VPN, Direct Connect)
- Automation & Tools
- Infrastructure as Code (Terraform preferred)
- Logging & monitoring: CloudWatch, Splunk, ELK, Sentinel
- Ticketing and ITSM tools (ServiceNow, Jira)
Additional Information:
- The candidate should have minimum 7.5 years of experience in Web Application Firewall (WAF).
- This position is based at our Mumbai office.
- A 15 years full time education is required.
- Bachelors and above degree in Computer Science, Information Technology, MIS, Engineering / Bachelor or college degree in related field or equivalent work experience (Full time).
- The candidate should have minimum 10+ years of experience in AWS WAF & AWS Network Firewall.
- WS Certified Security – Specialty (SCS-C02 / SCS-C03)
- AWS Certified Solutions Architect – Professional (SAP-C02)
