Hexaware Technologies
Responsibilities
Design and validate secure solutions across cloud, on premises, and hybrid environments, applying threat modeling, secure-by-design principles, and architecture reviews to reduce attack surface and ensure resilience. Lead implementation and operationalization of major security tools and platforms such as SIEM/XDR, EDR, IAM/PAM, CASB, DLP, WAF, vulnerability management, and secrets management, ensuring integration, automation, and scalable telemetry. Drive security program execution including policy and control design, secure configuration baselines, identity and access governance, encryption/key management, and alignment with compliance frameworks (e.g., ISO, NIST, SOC, GDPR). Partner with engineering, cloud, product, and incident response teams to enable secure delivery pipelines (DevSecOps), threat detection & response playbooks, tabletop exercises, and post-incident lessons learned to continuously improve controls and maturity. Establish and enforce security, compliance, and governance controls (identity & access, encryption, logging, compliance frameworks), and promote infrastructure-as-code (ARM/Bicep/Terraform) and CI/CD best practices for repeatable, auditable deployments. Seniorities
Not Applicable Employment type
Full-time Job function
Information Technology Industries
IT Services and IT Consulting
#J-18808-Ljbffr
Design and validate secure solutions across cloud, on premises, and hybrid environments, applying threat modeling, secure-by-design principles, and architecture reviews to reduce attack surface and ensure resilience. Lead implementation and operationalization of major security tools and platforms such as SIEM/XDR, EDR, IAM/PAM, CASB, DLP, WAF, vulnerability management, and secrets management, ensuring integration, automation, and scalable telemetry. Drive security program execution including policy and control design, secure configuration baselines, identity and access governance, encryption/key management, and alignment with compliance frameworks (e.g., ISO, NIST, SOC, GDPR). Partner with engineering, cloud, product, and incident response teams to enable secure delivery pipelines (DevSecOps), threat detection & response playbooks, tabletop exercises, and post-incident lessons learned to continuously improve controls and maturity. Establish and enforce security, compliance, and governance controls (identity & access, encryption, logging, compliance frameworks), and promote infrastructure-as-code (ARM/Bicep/Terraform) and CI/CD best practices for repeatable, auditable deployments. Seniorities
Not Applicable Employment type
Full-time Job function
Information Technology Industries
IT Services and IT Consulting
#J-18808-Ljbffr