Security Architect job opportunity at Accenture Plc.

Bachelor's (B.Sc.)

Gurugram, India

Gurugram....India

summarize with Ai

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Application Security Architecture and Design Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: We are looking for a Technical Lead with strong expertise in Application and Infrastructure Security to lead a suite of security services including vulnerability management, application security testing (SAST/DAST), and penetration testing. This role is ideal for someone who can not only execute and review security assessments but also manage tools, provide technical direction to a delivery team, and act as a trusted advisor to the client on security best practices Roles & Responsibilities: - Service Delivery & Technical Leadership • Lead the delivery of application and infrastructure security services including: • Dynamic Application Security Testing (DAST) • Static Application Security Testing (SAST/SCA) • Web & API Penetration Testing • Mobile Application Security Testing • Infrastructure Vulnerability Management (IVM) • Oversee scan scheduling, execution, validation, and reporting. • Drive the reduction of false positives and enhance detection accuracy. • Ensure timely delivery of security testing activities aligned with client SLAs. - Security Testing & Analysis • Perform automated and manual security scans for applications and infrastructure. • Validate findings, analyze root causes, and prioritize remediation based on risk. • Provide technical recommendations to development, DevOps, and infrastructure teams. • Align findings with recognized standards (e.g., OWASP Top 10, CVSS, CWE). - Tool Ownership & Optimization • Administer and optimize usage of security tools including but not limited to: • WebInspect, Veracode, Burp Suite, Custom Scripting Tools • GitLab, ServiceNow Security Modules • Datadog Security Explorer, OpenShift ACS • Tune and maintain tool configurations, scan profiles, and dashboards. - Governance & Reporting • Track scan volumes, issue lifecycle, and performance KPIs. • Deliver dashboards and executive-level reports on security posture. • Support audit, compliance, and client reporting needs. - Team Collaboration & Stakeholder Management • Provide technical direction and mentorship to the delivery team. • Liaise with client teams, application owners, and platform SMEs. • Ensure effective communication across stakeholders for testing, issue triage, and remediation. Professional & Technical Skills: - 8+ years of experience in Cybersecurity, with specialization in Application Security and Vulnerability Management. - Strong technical knowledge of SAST/DAST tools (e.g., Veracode, WebInspect). - Hands-on experience in penetration testing of web, mobile, and API-based applications. - Familiarity with infrastructure scanning and vulnerability remediation practices. - Strong understanding of secure SDLC, OWASP Top 10, SANS Top 25, and risk classification models (CVSS, CWE). - Experience working in global delivery teams, preferably in a client-facing role - CEH / OSCP / GWAPT / CISSP / CSSLP - Veracode Certified Specialist or equivalent - Vendor certifications on WebInspect, Burp Suite, GitLab Security Additional Information: - The candidate should have minimum 7.5 years of experience in Application Security Architecture and Design. - This position is based at our Gurugram office. - A 15 years full time education is required. - Knowledge of cloud security principles (Azure/AWS/GCP) - Familiarity with container security and DevSecOps tooling - Exposure to automated CI/CD security integrations - Strong communication and documentation skills - Proactive problem-solving and analytical thinking - Ability to balance security risk with operational practicality