F

Senior Security Architect

Flipkart · Bengaluru, Karnataka, India

8–15 yrs experiencefull_timePosted 2w ago
Apply now →

Job description

**Role Overview** We are seeking a highly strategic and technically proficient Associate Director / Senior Security Architect. In this role, you will act as the core security partner to our Platform Engineering, DevOps, and Infrastructure teams, ensuring that security is baked into our ecosystem. Beyond foundational platform security, you will drive execution across critical enterprise domains: establishing a standardized Perimeter and WAF defense strategy across our major group platforms (including Flipkart, Myntra, Cleartrip, and SuperMoney), engineering multi-tenant API Gateway architectures , defining modern automated Vulnerability Management frameworks , and building frameworks for securing enterprise AI utilization. This is a high-impact leadership role requiring deep technical execution and the ability to influence cross-functional platform teams. **Key Responsibilities** **1. Perimeter Security & WAF Standardization** ● Group-Wide WAF Framework: Standardize and implement an enterprise-grade WAF architecture across multiple environments, ensuring 100% security coverage across all public-facing endpoints. ● Advanced Bot Management: Deploy and manage an effective Bot Management (BOTM) solution across all public endpoints; architect dynamic and static rate limits and continuously improve bot identification accuracy to eliminate false positives (FPs). ● DDoS Resilience & Simulation: Orchestrate and oversee monthly DDoS simulations to rigorously test and identify application flaws as well as gaps in the BOTM solution. **2. API Security Architecture** ● Gateway-First Architecture: Partner with the Platform Engineering team to ensure all internal and external APIs are exposed strictly through secure API Gateways. ● Access Control & Rate Limiting: Architect and enable centralized Authentication & Authorization (AuthN/Z) and dynamic rate-limiting capabilities leveraging multiple parameters (e.g., IP addresses, User IDs, Account IDs). ● Core Protection Capabilities: Define gateway policies to defend against top web vectors and custom parameter blocking (Client ID, Account ID). ● Discovery & Visibility: Implement comprehensive API discovery and inventory features , govern TLS version enforcement , and build real-time observability to immediately identify and mitigate API abuse. **3. Vulnerability Management (VM) Transformation** ● Centralized Dashboarding: Establish an enterprise-wide centralized dashboard providing an accurate, single pane of glass for vulnerability monitoring with 100% VM coverage. ● Developer Enablers: Architect and implement automated patching pipelines to assist developer workflows and streamline remediation. ● SLA Enforcement & Triage: Standardize vulnerability criticality criteria to eliminate noise and reduce false positives ; drive strict adherence to remediation SLAs. ● Lifecycle & Baseline Governance: Design End-of-Life (EOL) infrastructure strategies and secure stakeholder buy-in for seamless migration; implement and mandate a "Golden Image" strategy across the Flipkart group. **4. Logging, Monitoring & Modern Initiatives** ● Production Logging Strategy: Architect a resilient production logging strategy capable of handling high-volume ingestion while optimizing storage structures and maintaining strict cost efficiency. ● Securing AI Usage: Establish security guardrails, architectural governance patterns, and policy frameworks to ensure safe, secure, and compliant adoption of AI technologies across the organization. ● Platform Collaboration: Act as the primary technical point of contact to translate security requirements into developer-friendly configurations (Infrastructure-as-Code, CI/CD integrations) for the Platform Engineering team. **5. AI Security** ● Strategise the security for AI based assets - LLM, Agents, MCPs, SLMs etc. ● Solve complex hybrid environment challenges while implementing security controls across the AI landscape ● Ideate and implement guardrails to safeguard underlying infrastructure. ● Discovery and Inventory of AI usage **Required Qualifications & Skills** **Technical Expertise** ● Perimeter & WAF Specialist: Deep, hands-on experience managing and scaling enterprise-grade WAF/CDN solutions (e.g., Akamai, Cloudflare, AWS WAF) and deploying advanced Bot Management systems. ● API Security & Gateways: Strong architectural grasp of API Gateway configurations (e.g., Kong, Apigee, AWS API Gateway), OAuth2/OIDC protocols , and mitigation of OWASP API Top 10 risks. ● Vulnerability & Baseline Management: Proven track record building automated patching pipelines , implementing golden image workflows (Packer, Docker), and orchestrating enterprise vulnerability scanning tools. ● Infrastructure & High-Ingestion Logging: Experience designing large-scale telemetry or logging pipelines (e.g., ELK, Splunk, Datadog) factoring in ingestion velocity and data storage retention/costs. ● Emerging Tech: Foundational knowledge of securing LLM/AI applications (e.g., OWASP Top 10 for LLMs). ● LLM Architecture Understanding: Deep understanding of Large Language Models (LLMs), Transformers, Retrieval-Augmented Generation (RAG) architectures, and fine-tuning methodologies. ● Vector Databases: Experience securing vector databases (e.g., Pinecone, Milvus, Chroma, Qdrant) and managing semantic search embeddings. ● AI Frameworks: Hands-on experience with AI orchestration frameworks like LangChain, LlamaIndex, and Hugging Face ecosystem. **Leadership & Experience** ● Experience: 15+ years in Cybersecurity, Infrastructure, or Platform Security, with 4+ years in a dedicated Security Architect or technical leadership capacity. ● Scale Capability: Prior experience working across large, multi-brand e-commerce or digital ecosystem entities (such as managing security baselines across distributed units/subsidiaries) is highly preferred.