Platform Architect – Security Specialist
Quantiphi
full-time
Posted on:
Location Type: Office
Location: Bengaluru • 🇮🇳 India
Visit company websiteJob Level
SeniorLead
Tech Stack
AWSCloudCyber SecurityFirewallsPythonTerraform
About the role
- Design, build, and secure AWS platform infrastructure using IaC (CloudFormation / Terraform).
- Implement and manage security controls across AWS environments (IAM, KMS, Secrets Manager, Network Firewall).
- Build automated security guardrails and compliance checks using AWS Security Hub, Config, and IAM Access Analyzer.
- Develop secure CI/CD pipelines, including automated policy checks, vulnerability scans, and artifact integrity validation.
- Implement centralized logging and monitoring using CloudWatch, SIEM tools, GuardDuty, and VPC Flow Logs.
- Collaborate with application and DevOps teams to define secure architecture patterns, network segmentation, and zero-trust controls.
- Conduct regular security assessments, risk reviews, and threat modelling for workloads hosted on AWS.
- Enforce tagging standards, data-classification controls, and lifecycle policies across AWS resources.
- Support incident response activities, root-cause analysis, remediation planning, and post-incident improvements.
- Document platform security design, runbooks, best practices, and alignment with enterprise security standards.
- Manage and integrate security tools such as SIEM, DLP, Cloud Proxy, CASB, or Isolation systems when relevant to AWS workloads.
- Provide training and guidance to engineering teams on secure AWS usage, identity governance, and least-privilege access.
- Experience integrating AWS environments with Security Operations Centers (SOC) for real-time alerting, threat detection, and incident escalation workflows.
Requirements
- Overall 7+ years of Experience in AWS Cloud platform/security engineering and 3-5 years of experience in cloud security/cybersecurity.
- Deep knowledge of AWS security services: IAM, KMS, Security Hub, GuardDuty, AWS Config, VPC Security, WAF, Network Firewall.
- Strong understanding of cloud security models, zero-trust principles, least privilege, encryption, data protection, and network security fundamentals.
- Hands-on experience with either of IaC tools: CloudFormation, Terraform, CDK.
- Proficiency in scripting languages such as Python or Bash for automation.
- Experience setting up centralized logging, SIEM integrations, and security event monitoring.
- Strong understanding of CI/CD security, artifact scanning, secrets management, and pipeline hardening.
- Knowledge of network security tools and concepts: firewalls, proxies, routing, segmentation, DLP, isolation appliances.
- Familiarity with compliance frameworks (GDPR, HIPAA, PCI, SOC2) and ability to enforce security baseline standards.
- Strong analytical and troubleshooting skills to resolve platform and security issues.
- Excellent communication and collaboration skills to work across cross-functional engineering and security teams.
- Exposure to advanced data protection practices such as data classification, DLP controls, encryption strategy design, and secure data lifecycle management.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
AWSIaCCloudFormationTerraformCI/CDPythonBashSIEMDLPencryption
Soft skills
analytical skillstroubleshooting skillscommunication skillscollaboration skills