U

Cybersecurity Architect

Unisys · Bangalore, KA, India

10–18 yrs experiencePosted 2w ago
Apply now →

Job description

What success looks like in this role: 1.  Enterprise Security Architecture Strategy • Define an end-to-end, layered (Defense-in-depth) cybersecurity architecture across cloud, SIEM/SOC, MDR, CTEM,CRV,SNA, IAM, network, endpoint, and data domains • Establish reference architectures, design patterns, and reusable security blueprints that delivery teams can adopt rather than rebuild • Map capabilities to business risk, maintain a forward-looking architecture roadmap, and rationalize tooling to reduce complexity and tool sprawl 2.  Threat Modeling & Threat-Informed Defense • Establish enterprise threat modeling practices (e.g. STRIDE, attack trees, MITRE ATT&CK) and embed them early in the design lifecycle (security-by-design) • Identify trust boundaries, attack paths, and data flows; translate identified threats into prioritized, actionable controls • Extend threat modeling to AI/LLM and automation systems, addressing risks such as prompt injection, model abuse, and data poisoning 3.  Zero Trust Architecture • Define and drive the Zero Trust strategy and roadmap across identity, devices, network, applications, and data • Apply least-privilege access, micro-segmentation, strong authentication/MFA, conditional access, and continuous verification • Treat identity as the primary control plane, aligning Zero Trust closely with IAM and Secure Network Access 4.  Identity & Access Management (IAM) • Architect IAM using Microsoft Entra - authentication and authorization, RBAC/ABAC, conditional access, and the identity lifecycle (joiner / mover / leaver) • Design privileged access management (PAM/PIM), access governance and reviews, and protection of workload and non-human identities • Ensure IAM underpins Zero Trust as the enterprise’s primary security perimeter 5.  Detection, MDR & SOC Modernization • Architect a proactive, predictive, and increasingly autonomous Security Operations Center (SOC), including a defined detection engineering lifecycle (detection-as-code, ATT&CK coverage mapping, tuning to reduce false positives) and threat hunting • Integrate Managed Detection and Response (MDR) - align 24/7 detection and response, define the shared-responsibility model, and connect MDR telemetry and response actions into the internal SIEM/SOAR • Drive measurable improvements in mean time to detect and respond (MTTD/MTTR) 6.  Continuous Threat Exposure Management (CTEM) • Establish a CTEM program across the five stages - scoping, discovery, prioritization, validation, and mobilization • Prioritize exposures by real exploitability and business impact (beyond raw CVE counts), incorporating breach-and-attack simulation and attack-path analysis • Drive continuous, evidence-based exposure reduction and remediation 7.  Secure Network Access • Architect Secure Network Access using Zero Trust Network Access (ZTNA) and SASE/SSE principles, replacing legacy flat-network and VPN models • Design network segmentation / micro-segmentation and east-west visibility, integrating Network Detection and Response (NDR) • Secure hybrid, remote, and third-party access for users and workloads 8.  Cyber Resilience & Recovery (Cyber Recovery Vault) • Design cyber resilience and recovery architecture, including an isolated, immutable Cyber Recovery Vault (air-gapped) and clean-room recovery capability • Architect recovery from ransomware and destructive attacks, integrate with backup/DR, and define recovery objectives (RPO/RTO) and data-integrity validation • Establish regular recovery testing and align the design with operational resilience requirements 9.  AI & GenAI-Enabled Security • Design AI-driven detection and response; implement Security Copilot and agentic systems for automated triage, investigation, and analyst augmentation, progressing toward an autonomous SOC • Apply Generative AI responsibly - establish governance and guardrails for GenAI risks (prompt injection, data leakage, hallucination, model and data security), with human-in-the-loop for high-impact actions • Enable adaptive and self-healing security systems 10.  AI-Enabled Automation & Platform Engineering • Drive an automation-first approach - SOAR playbooks, agentic and AI-enabled automation, and self-healing workflows, targeting 30–50% automation enablement • Architect platforms using Microsoft Sentinel, Defender, Entra, and Purview; build reusable modules for detection, response, and automation • Apply engineering practices including infrastructure-as-code, detection-as-code, version control, and testing 11.  Innovation Leadership • Partner with Solutions Development to lead PoCs and emerging-technology adoption; translate new technology into scalable solutions • Work with Delivery to understand real-world issues, ideate, and create reusable assets 12.  Governance & Compliance • Align architecture with ISO 27001 and NIST (CSF / 800-53) standards, and embed security-by-design and compliance-as-code • Support audits and evidence collection; balance compliance requirements with risk-based exposure reduction 13.  Collaboration & Stakeholder Influence • Work closely with delivery, engineering, and business teams • Act as a trusted technical advisor across the organization You will be successful in this role if you have: • Bachelor’s or Master’s degree in