**Infrastructure Security**
Key Requirement
9–15 years of progressive experience in Information Security and a minimum of 4 years in a managerial or lead role focused on infrastructure/cloud security. Hands-on experience securing large-scale environments (on-prem + multi-cloud).
Roles and Responsibilities:
- Design and continuously evolve the infrastructure security strategy and roadmap aligned with business objectives and zero-trust principles.
- Architect secure infrastructure solutions for new Cyber solutions, cloud security, network segmentation, identity & access management (IAM), system security and endpoint protection.
- Lead the adoption of modern security controls (SASE, XDR, WAF, API security gateways, etc.).
- Conduct regular risk assessments, threat modeling, and vulnerability management programs for all infrastructure components.
- Ensure compliance with global and Indian regulatory requirements (ISO 27001, SOC 2, PCI DSS, GDPR, CERT-In, DPDP Act, RBI guidelines if applicable).
- Own the infrastructure portion of internal and external audits.
- Lead infrastructure-focused incident response, root-cause analysis, and post-incident improvements.
- Manage 24×7 security monitoring, SIEM/SOAR operations, and threat hunting.
- Define and maintain disaster recovery, business continuity, and backup security controls.
- Manage security tool vendors and negotiate contracts (SIEM, vulnerability scanners, cloud security posture management tools, etc.).
- Drive security awareness and training programs for IT and engineering teams.
- Partner with the various infrastructure teams on security controls.
- Provide monthly security posture reports, KPI dashboards, and executive briefings to CISO and leadership.
- Stay ahead of emerging threats (ransomware, supply-chain attacks, cloud misconfigurations, AI-driven threats) and recommend proactive controls.
Qualification:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field (Master's preferred).
Skills and Experience:
- Network security (firewalls, IDS/IPS, micro-segmentation, SASE)
- Cloud security platforms (AWS Security Hub, Azure Defender, GCP Security Command Center)
- Identity & Access (Okta, Azure AD, IAM, PIM, JIT access)
- Endpoint detection & response (CrowdStrike, SentinelOne, Microsoft Defender)
- Container & Kubernetes security (Falco, Trivy, Prisma Cloud)