Role Description:
The Infrastructure & Platform Security Architect will be responsible for designing, implementing, and overseeing security strategies and architectures for our infrastructure and platform services. You will work closely with other IT and security teams to ensure that all infrastructure components and platforms are secured against evolving cyber threats and comply with industry best practices and regulations.
Responsibilities:
Develop and maintain security architectures for infrastructure and platforms (on-premise, cloud, and hybrid environments), ensuring scalability, resilience, and secure operations.
Define and implement security standards for various platforms including cloud services (AWS, Azure, GCP), on-premise data centers, and containerized environments (Docker, Kubernetes).
Lead efforts to harden network infrastructure, servers, storage, databases, and virtual environments by applying best practices in access control, encryption, logging, monitoring, and vulnerability management.
Conduct security assessments of existing and new infrastructure, platforms, and services. Provide guidance and recommendations to mitigate security risks.
Collaborate to design and implement IAM solutions and ensure strong authentication, authorization, and role-based access control (RBAC) policies across all platforms.
Work closely with the SOC and incident response teams to identify security incidents related to infrastructure and platform services and respond accordingly. Recommend detection and prevention strategies for infrastructure-based attacks.
Collaborate with DevOps, IT operations, cloud engineering, and application development teams to embed security controls in CI/CD pipelines and infrastructure as code (IaC) practices.
Ensure compliance with industry regulations (e.g., GDPR, PCI-DSS, ISO 27001) and corporate security policies by establishing security standards and controls across all platforms.
Engage in the implementation of security tools and technologies such as firewalls, IDS/IPS, VPNs, endpoint protection, encryption mechanisms, and cloud security solutions.
Develop and maintain security architecture blueprints, standards, guidelines, and procedures. Provide governance oversight and ensure adherence to security policies across the enterprise.
Qualifications:
Education: A Degree Computer Science, Information Technology, Cybersecurity, or a related field (Masters' degree, an added advantage).
Experience: Minimum of 4-7 years of experience in Information Technology, with at least 2 years in practical security engineering especially on infrastructure and platforms.
Deep understanding of network security principles, protocols, and standards (e.g., TCP/IP, DNS, BGP, SSL/TLS, VPNs, etc.).
Hands-on experience with securing cloud platforms (AWS, Azure, GCP) and virtualization technologies (VMware, Hyper-V).
Experience with securing hybrid environments, including on-premise and cloud infrastructure.
Proficient in designing secure architectures for cloud platforms, data centers, and containerized environments.
Strong knowledge of encryption techniques, VPN technologies, and secure remote access solutions.
Familiarity with security tools like SIEM, firewalls (e.g., Palo Alto, Cisco ASA, Fortinet), and network monitoring tools.
Experience with network segmentation and micro-segmentation techniques.
Understanding of DevSecOps principles and their application to network security.
Certifications (Preferred):
CompTia Security+
CompTia Advanced Security Professional
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
Cloud certifications (e.g., AWS Certified Security Specialty, Azure Security Engineer Associate)