Architect - Platform (Security Specialist)

While technology is the heart of our business, a global and diverse culture is the heart of our success. We love our people and we take pride in catering them to a culture built on transparency, diversity, integrity, learning and growth.


If working in an environment that encourages you to innovate and excel, not just in professional but personal life, interests you- you would enjoy your career with Quantiphi!

Role : Architect - Platform (Security Specialist)

Experience: 7-14 Years

Location: Mumbai/Bangalore

Key Responsibilities

• Design, build, and secure AWS platform infrastructure using IaC (CloudFormation / Terraform).

• Implement and manage security controls across AWS environments (IAM, KMS, Secrets Manager, Network Firewall).

• Build automated security guardrails and compliance checks using AWS Security Hub, Config, and IAM Access Analyzer.
  Develop secure CI/CD pipelines, including automated policy checks, vulnerability scans, and artifact integrity validation.

• Implement centralized logging and monitoring using CloudWatch, SIEM tools, GuardDuty, and VPC Flow Logs.

• Collaborate with application and DevOps teams to define secure architecture patterns, network segmentation, and zero-trust controls.

• Conduct regular security assessments, risk reviews, and threat modelling for workloads hosted on AWS.

• Enforce tagging standards, data-classification controls, and lifecycle policies across AWS resources.

• Support incident response activities, root-cause analysis, remediation planning, and post-incident improvements.

• Document platform security design, runbooks, best practices, and alignment with enterprise security standards.

• Manage and integrate security tools such as SIEM, DLP, Cloud Proxy, CASB, or Isolation systems when relevant to AWS workloads.

• Provide training and guidance to engineering teams on secure AWS usage, identity governance, and least-privilege access.

• Experience integrating AWS environments with Security Operations Centers (SOC) for real-time alerting, threat detection, and incident escalation workflows.

Must Have Skills

• Overall 7+ years of Experience in AWS Cloud platform/security engineering and 3-5 years of experience in cloud security/cybersecurity.

• Deep knowledge of AWS security services: IAM, KMS, Security Hub, GuardDuty, AWS Config, VPC Security, WAF, Network Firewall.

• Strong understanding of cloud security models,  zero-trust principles, least privilege, encryption, data protection, and network security fundamentals.

• Hands-on experience with either of IaC tools: CloudFormation, Terraform, CDK.

• Proficiency in scripting languages such as Python or Bash for automation.

• Experience setting up centralized logging, SIEM integrations, and security event monitoring.

• Strong understanding of CI/CD security, artifact scanning, secrets management, and pipeline hardening.

• Knowledge of network security tools and concepts: firewalls, proxies, routing, segmentation, DLP, isolation appliances.

• Familiarity with compliance frameworks (GDPR, HIPAA, PCI, SOC2) and ability to enforce security baseline standards.

• Strong analytical and troubleshooting skills to resolve platform and security issues.

• Excellent communication and collaboration skills to work across cross-functional engineering and security teams.

• Exposure to advanced data protection practices such as data classification, DLP controls, encryption strategy design, and secure data lifecycle management.

Good to Have Skills

• Experience securing multi-cloud (AWS + GCP/Azure) environments.

• Experience with container security for ECS/EKS (image scanning, runtime protection, IAM roles for tasks).

• Knowledge of SIEM platforms like Sumo Logic, Splunk, or Datadog.

• Experience with AWS Macie, Detective, and advanced data governance solutions.

• Exposure to zero-trust security, identity federation, and SSO (Azure AD/Okta).

• Familiarity with incident response processes and playbook automation (SOAR).

• Experience designing isolation, or exfiltration-prevention controls.

• Additional security certifications (CISSP, CISM, CCSP, AWS Security Specialty)

• Understanding of SOC processes, including Tier-1/2/3 triage, playbook execution, case management, ticketing systems, and threat intelligence enrichment.

• Hands-on knowledge of security incident management, including detection, investigation, containment, eradication, recovery, and post-incident reviews.