Job Information
DATAMAXIS Security Architect in Remote, India
Job Title: Security Architect
Location: Remote
Experience: 10+ years
Job Summary:
Deep technical knowledge of the OWASP Top 10, Cloud Security Posture Management (CSPM), CVSS scoring, and software supply chain security.
Lead DevSecOps Advocacy and Training: Provide clear guidance to Engineering and Product teams to foster a culture of shared security responsibility
Embed Security into CI/CD Pipelines: Partner with DevOps teams to integrate "shift-left" controls, quality gates, and automated security testing (SAST/SCA/IaC) into actions,
Build DevSecOps Dashboards and Reporting: Develop executive-level KPIs/KRIs covering vulnerability aging, MTTR (Mean Time to Remediate), pipeline pass/fail rates, and measurable risk reduction across the enterprise
Own software supply chain security (SCA): Utilize JFrog Xray for policy enforcement, including vulnerable dependency detection, license governance, and automated blocking of malicious components within the artifact repository.
Drive Static Analysis (SAST) and Code Quality: Use SonarQube to partner with development teams, reducing critical/high findings and implementing sustainable coding standards that are integrated directly into the developer's IDE and pull request workflow.
Conduct Dynamic Testing (DAST): Coordinate testing using Burp Suite to validate exploitability and reproduce issues, while working to automate baseline DAST scans within the CI/CD pipeline.
Lead the end-to-end vulnerability lifecycle: discovery, triage, risk assessment, prioritization, remediation tracking, validation, and closure across Azure cloud environments.
Operate and optimize Microsoft Defender for Cloud (Azure Defender) and Defender fo Endpoint: Improve cloud security posture, reduce misconfigurations, and drive remediation across compute, networking, storage, identity, and container workloads (AKS/OCR).
{}Infrastructure-as-Code (IaC) security : D{}efining and enforcing policies for Terraform, ARM templates, or Bicep.
Certifications (one or more highly preferred):
CEH
OSCP
CSSLP
GWAPT
Original NSR:
NSR-8975
Other Responsibilities:
Work with Security team on other technical security related issues.
Maintain security tools and software
Consult with developers on application security