Lead Security Architecture

From 6 to 9 year(s) of experience
₹ Not Disclosed by Recruiter

Job Description

Roles and Responsibilities

Job Responsibilities:

  • Defining security requirements for products and help in resolution of vulnerabilities
  • Evaluating off-the-shelf SAST and DAST products and tools that can be used for Appsec and code review
  • Advising product development team on validation of security requirement of products
  • Development controls and security policy checks be incorporated by products of NPCI
  • Issue guidelines to improve security of the third party applications and system architecture
  • Provide guidance to application developers on security strategy and drive it into programs
  • Define common security and privacy solutions for application security
  • Implement Privacy by Design principles to ensure protection of PII/PCI data.
  • Help application team in resolving vulnerabilities and prevent exploits
  • Identify gaps in security architecture and controls of organization
  • Lead and review assessments and audits for external agencies and members
  • Make decisions on upkeep of security posture of organization
  • Ideate on emerging trends of cyber-threat and align organizational strategy to address them
  • Provide solutions to address existing challenges with security architecture.
  • Act as SME for multiple security domains like Infrastructure security, Application security, cloud security etc.
  • Engage with development team to enable Dev-SEC-Ops.

Candidate Profile:

  • Profound understanding on cryptographic standards, application security, enterprise architecture, software development lifecycle etc
  • Thorough knowledge of authentication and authorization standards applicable in the web services, enterprise application, API development, eg: OAuth2, SAML, Tokenization etc.
  • Deep understanding of security vulnerabilities, exploits application infrastructure, APIs etc
  • Familiarity with OWASP, SANS and other coding guidelines
  • Hands on experience on tools like Burpsuit, Checkmarx, Nexpose, Nessus, Acunetix, Veracode etc.
  • Familiarity with tools used in CI/CD pipeline for static scan, DAR/DIT security, Db security requirements
  • Knowledge of Cyber kill chain(MITRE), Threat Modeling(STRIDE), NIST framework
  • Advanced skill in Secure Software development lifecycle (SSDLC) methodology
  • Experienced in security of middleware tools such as Service oriented architecture(SOA) Web architecture
  • Knowledge of database technologies like MySql, Oracle, Cassandra, Postgress etc.

Education & Qualification:

B.E. / B.Tech / MCA./ BCA/ BSC with minimum 8 to 10 years of experience in Application development and Information security with at least 5 years in Application security, Network security and architecture.


UG:BCA in Any Specialization,B.Tech/B.E. in Any Specialization,B.Sc in Any Specialization

Company Profile

National Payments Corporation of India

National Payments Corporation of India (NPCI), an umbrella organisation for operating retail payments and settlement systems in India, is an initiative of Reserve Bank of India (RBI) and Indian Banks’ Association (IBA) under the provisions of the Payment and Settlement Systems Act, 2007, for creating a robust Payment & Settlement Infrastructure in India.

The Company is focused on bringing innovations in the retail payment systems through the use of technology for achieving greater efficiency in operations and widening the reach of payment systems.

NPCI, has products like RuPay- debit, credit and prepaid cards, UPI(Unified Payments Interface), BHIM(Bharat Interface Money), AEPS(Aadhaar Enabled Payment Services), CTS(Cheque Truncation System), IMPS(Immediate Payment Services), NFS(National Financial Switch), NACH(National Automated Clearing House),NETC , Bharat Bill Pay, *99#.

For more detailed information on the Vision, Mission, Objectives and Products & Services. You can log on to https://www.npci.org.in/
Company Info
View Contact Details+

Contact Company:National Payments Corporation of India



Not Disclosed by Recruiter



Role Category:

IT Security


Security Architect / Consultant

Employment Type:

Full Time, Permanent