Security Architect

Job Description

Security Architect We are the leading specialty e-retailer offering consumer products, vacations and online education services through an easy and convenient payment plan. Our customers love us because we make paying for their purchases stress and hassle free. The automatic payments help them to avoid penalty fees and ballooning interest associated with other payment options. The fixed payment duration options empower them to budget more efficiently. Ours is a revolutionary e-commerce experience that gives customers access to a better life combined with a responsible way to buy. Purchasing Power is ?Powering People to a Better Life?? through its employee purchase program, financial literacy efforts and charitable contributions. For more information, visit www.PurchasingPower.com (US) and corp.PurchasingPower.com (outside US). Purchasing Power is one of Atlanta?s fastest growing e-retailers is seeking a skilled and experienced security architect with knowledge of security best practices to join our team in Chennai, India. In this role, you will be responsible for designing and implementing robust security frameworks and solutions to protect the organization's infrastructure, applications, and data. You will work closely with cross functional teams to ensure that computing environments are secure, compliant, and resilient to security threats. The selected candidate will report to the Senior Director Enterprise Security in Atlanta. What you?ll do: ? Work with cross-functional teams including development, operations, and infrastructure, to ensure secure architectures are designed and implemented. ? Develop security blueprints and ensure that services and applications are secure by design. ? Convert project requirements into suitable architecture documentation. ? Communicate effectively with stakeholders to align security strategies with organizational goals. ? Perform security threat modeling for systems, applications, and data repositories. ? Partner with vendors, service providers, and third-party stakeholders to evaluate and recommend security tools and solutions. ? Create security standards and guidelines in accordance with industry best practices and compliance requirements (e.g., NIST, SOC2). ? Provide guidance on the implementation of security controls and cloud-native security tools (e.g., IAM, encryption, monitoring, and threat detection). ? Collaborate with IT to design and enhance security controls and processes. ? Design and automate security processes. ? Establish assurance standards which support secure architectures and assist with detecting security control gaps. ? Collaborate with incident response teams to address security incidents. ? Stay current with security technologies, services and trends. Requirements- ? Bachelor?s degree in computer science, information security, or related field (or equivalent experience). ? 4+ years of experience in information security, with at least 2 years working in a security architecture role. ? Strong knowledge of and hands-on experience with security architecture concepts, best practices, tools and techniques. ? Familiarity with cloud security and DevSecOps best practices. ? Proficiency in scripting languages (e.g., Python, PowerShell). ? Experience with security control frameworks such as NIST, ISO 27001, and COBIT. ? Knowledge of security compliance frameworks such as SOC2 and PCI DSS. E-Commerce background is mandatory (Minimum 2 years) Personal Attributes- ? Strong problem-solving and critical thinking skills. ? Excellent written and verbal communication skills, with the ability to explain security concepts to non-technical stakeholders. ? Solid interpersonal skills with capacity to develop and maintain productive relationships. ? Ability to work independently as well as part of a team. ? A "can-do" spirit with a sense of ownership and commitment. Bonus Experience- ? Certifications in security such as CISSP, CISM, CCSP. ? Hands-on experience with security automation and orchestration in cloud environments. ? Experience in ecommerce domain or similar