Security Architect

Job Description:

Position: Security Architect

Company: Likewize

Location: Chennai

Job Summary: This position is primarily aimed at designing and governing the overall security architecture of our organization. Candidate should be focused, consistent, very thorough and holistic in approach. Expertise in Perimeter Security, AI Security, Endpoint Security, Application Security and Cloud Security. This role will work closely with IT, Application and Business teams to ensure compliance with security best practices, regulatory requirements, and internal policies.

Qualifications & Experience:

Must have minimum of bachelor’s degree in computer science or IT or degree in Information Security or related (Other education not considered for this position). Should have total of 15 + years’ work experience in an MNC. Relevant of 10 + years of experience in both offensive and defensive security. Minimum of 3-5 years of IT experience in either IT Infrastructure or SDLC. Good Understanding of PCI DSS, NIST, ISO 27001, OWASP, MITTRE frameworks. CISSP, CISM, CCSP or CCSK, SABSA or any SANS advance certifications. Must have excellent written, verbal communication. Must have excellent Documentation, Presentation skills for design and solution presentations. Self-initiative, disciplined, very good time management and transparent in work.

Key responsibilities: (Approvals, rejections, or required security changes, document security requirements)

• Architectural reviews:
• Reviewing architecture diagrams for proposed new systems & Designing security controls for:
• Cloud environments (AWS, Azure,), Identity and access management (IAM), Network segmentation
• Data protection and encryption, AI systems (LLM’s, RAG, AI Agents & workflow automations)
• Attending architecture/design review meetings & Performing:
• Threat modelling (STRIDE, attack trees), Secure design reviews , Cloud architecture assessments
• Reviewing changes such as:
• New APIs, New SaaS integrations, Network topology changes, Identity federation updates
• New AI (chatbot or workflow automations)
• Risk Assessment & Security Decision Support (Weekly)
• Reviewing risk assessments (VAPT Assessments, Recorded Risk Acceptance)
• Advising on exceptions and risk acceptance
• Translating technical risk into business impact
• Supporting governance forums and architecture boards
• Partnering with Engineering & DevOps Teams (Daily)
• Working with developers on secure patterns & Advising DevOps teams on CI/CD security controls, Secrets management, Infrastructure as Code (IaC) security
• Helping teams adopt Secure reference architectures, Approved security services, Standardized controls
• Cloud & Platform Security Oversight (Daily / Weekly)
• Reviewing cloud landing zone designs & Defining:
• Network isolation models, IAM patterns (least privilege, RBAC), Logging and monitoring standards
• Supporting security tools such as:
• CSPM (Cloud Security Posture Management), CIEM (Cloud Infrastructure Entitlement Management)
• Tooling, Visibility & Control Gaps (weekly/monthly)
• Identifying gaps in Logging, Monitoring, Identity coverage, Layered security through VAPT assessments.
• Remediations – Manage the security gaps/VAPT lifecycle until closure and ensure proper reporting in place.
• Ensuring new architectures - Generate audit‑ready logs, Support incident response, Align with Zero Trust