Architect - Platform Security Specialist

While technology is the heart of our business, a global and diverse culture is the heart of our success. We love our people and we take pride in catering them to a culture built on transparency, diversity, integrity, learning and growth.

If working in an environment that encourages you to innovate and excel, not just in professional but personal life, interests you- you would enjoy your career with Quantiphi!

Role : Architect - Platform (Security Specialist)

Experience: 7-14 Years

Location: Mumbai/Bangalore

Key Responsibilities

• Design, build, and secure AWS platform infrastructure using IaC (CloudFormation / Terraform).
• Implement and manage security controls across AWS environments (IAM, KMS, Secrets Manager, Network Firewall).
• Build automated security guardrails and compliance checks using AWS Security Hub, Config, and IAM Access Analyzer. Develop secure CI/CD pipelines, including automated policy checks, vulnerability scans, and artifact integrity validation.
• Implement centralized logging and monitoring using CloudWatch, SIEM tools, GuardDuty, and VPC Flow Logs.
• Collaborate with application and DevOps teams to define secure architecture patterns, network segmentation, and zero-trust controls.
• Conduct regular security assessments, risk reviews, and threat modelling for workloads hosted on AWS.
• Enforce tagging standards, data-classification controls, and lifecycle policies across AWS resources.
• Support incident response activities, root-cause analysis, remediation planning, and post-incident improvements.
• Document platform security design, runbooks, best practices, and alignment with enterprise security standards.
• Manage and integrate security tools such as SIEM, DLP, Cloud Proxy, CASB, or Isolation systems when relevant to AWS workloads.
• Provide training and guidance to engineering teams on secure AWS usage, identity governance, and least-privilege access.
• Experience integrating AWS environments with Security Operations Centers (SOC) for real-time alerting, threat detection, and incident escalation workflows.
  
  

• Overall 7+ years of Experience in AWS Cloud platform/security engineering and 3-5 years of experience in cloud security/cybersecurity.
• Deep knowledge of AWS security services: IAM, KMS, Security Hub, GuardDuty, AWS Config, VPC Security, WAF, Network Firewall.
• Strong understanding of cloud security models, zero-trust principles, least privilege, encryption, data protection, and network security fundamentals.
• Hands-on experience with either of IaC tools: CloudFormation, Terraform, CDK.
• Proficiency in scripting languages such as Python or Bash for automation.
• Experience setting up centralized logging, SIEM integrations, and security event monitoring.
• Strong understanding of CI/CD security, artifact scanning, secrets management, and pipeline hardening.
• Knowledge of network security tools and concepts: firewalls, proxies, routing, segmentation, DLP, isolation appliances.
• Familiarity with compliance frameworks (GDPR, HIPAA, PCI, SOC2) and ability to enforce security baseline standards.
• Strong analytical and troubleshooting skills to resolve platform and security issues.
• Excellent communication and collaboration skills to work across cross-functional engineering and security teams.
• Exposure to advanced data protection practices such as data classification, DLP controls, encryption strategy design, and secure data lifecycle management.
  
  

• Experience securing multi-cloud (AWS + GCP/Azure) environments.
• Experience with container security for ECS/EKS (image scanning, runtime protection, IAM roles for tasks).
• Knowledge of SIEM platforms like Sumo Logic, Splunk, or Datadog.
• Experience with AWS Macie, Detective, and advanced data governance solutions.
• Exposure to zero-trust security, identity federation, and SSO (Azure AD/Okta).
• Familiarity with incident response processes and playbook automation (SOAR).
• Experience designing isolation, or exfiltration-prevention controls.
• Additional security certifications (CISSP, CISM, CCSP, AWS Security Specialty)
• Understanding of SOC processes, including Tier-1/2/3 triage, playbook execution, case management, ticketing systems, and threat intelligence enrichment.
• Hands-on knowledge of security incident management, including detection, investigation, containment, eradication, recovery, and post-incident reviews.