About the Role:
We are seeking a highly experienced and strategic Security Architect with a strong focus on Governance, Risk, and Compliance (GRC) and Third-Party Risk Management (TPRM). This role is critical in enhancing our security posture, particularly within cloud and SaaS environments, and ensuring robust vendor and supplier security. The ideal candidate will possess deep security architecture expertise, strong analytical capabilities, and a proven ability to influence stakeholders across all levels of the organization, especially within the banking/finance sector.
Key Responsibilities:
- Security Architecture & Strategy: Influence domain architecture and collaborate with business/technology owners to ensure alignment with stringent security requirements.
- Manage significant security decisions with senior management, Technology, and Business owners to ensure secure outcomes and adherence to appropriate governance practices.
- Proactively manage identified risks within the solutions risk posture, ensuring compliance within agreed Risk Appetite.
- GRC & TPRM Framework Enhancement: Collaborate with cross-functional teams to define and refine security-related processes, providing critical inputs to deliver enhanced vendor management, SaaS assurance, and monitoring frameworks.
- Actively participate in workgroups to identify areas for improvement and drive process efficiencies within GRC and TPRM.
- Assess and document existing SaaS applications in line with the enhanced vendor management framework, identifying control gaps, security risks, and proposing effective mitigation controls.
- Assess the root cause of control gaps and provide practical, achievable recommendations for risk mitigation.
- Stakeholder Engagement & Communication: Prepare clear and concise executive summaries to keep stakeholders informed of progress and seek guidance where applicable.
- Train other team members on the new frameworks and associated processes.
- Demonstrate strong business engagement and influencing skills, capable of navigating complex topics with fact-based analysis.
- Understand the trade-offs involved in balancing security requirements with business change, while simultaneously delivering technical capability and business benefit.
Required Skills & Experience:
- Total Years of Experience: 10+ years in the Technology industry.
- Relevant Years of Experience:3+ years of dedicated Security Architecture experience.
- 1+ years focusing on Cloud/SaaS Security.
Mandatory Skills:
- Cloud/SaaS Security expertise.
- Strong background in GRC (Governance, Risk, and Compliance) with a focus on TPRM (Third-Party Risk Management).
- Core Technical & Domain Knowledge: Strong understanding of security principles, including threat modeling, controls, and risk assessment.
- Expertise in cloud security, particularly SaaS applications and third-party solutions.
- Experience with security frameworks and standards such as ISO 27001, NIST Cybersecurity Framework, and other industry best practices.
- Banking/Finance experience is highly preferred.
- 3rd party risk/supplier security management is highly desirable.
- Soft Skills & Leadership Capabilities: Proven ability to collaborate effectively with diverse teams, including development, operations, and compliance.
- Excellent communication and presentation skills to effectively convey complex technical information to both technical and non-technical audiences.
- Demonstrated Decision Quality, Strategic Mindset, Situational Adaptability, Self-awareness, Courage, and Ensures Accountability.
Desired/Secondary Skills:
- Experience interacting with Group Security Executives and Leadership Teams.
- Familiarity with Strategic Sourcing and Third-Party Risks teams.
- Engagement with Governance, Risk, and Compliance Technology delivery teams/executives.
- Collaboration with Architecture Strategy Advisory and Business domain Executives/Product Owners.
Domain: Security
Additional Information:
- Max Vendor Rate: INR 8,000 per day (excluding service tax).
- Background Check: Before onboarding.
- Shift Work: No standard daylight shifts.
Working Model: Hybrid
Assignment Duration: 12 Months
Number of Openings: 1
