Security Representative - PSR
- Citiustech
- 9 - 13 years
- Bengaluru
- 4 days ago
- Email to a friend
- Report this job
Job Description
Role & responsibilities
1) Security Governance & Processes
- Own DEPS process execution for the project: schedule workshops, complete threat models, track mitigations to closure, and publish change controlled artefacts
- Align with QMS for security evidence and release sign off; ensure traceability from risks controls tests defects approvals.
- Run security risk reviews within PI/Sprint ceremonies; log decisions and actions in tools (e.g., Rally) and program dashboards.
2) Architecture & Design Assurance
- Lead secure architecture reviews (network segmentation, IAM/SSO patterns, secrets management, TLS policies, hardened images)
- Approve container/OS baseline and cloud controls as per standards (hardened images, CIS baselines)
3) CI/CD Security Controls & Tooling
- Ensure the CI/CD pipeline integrates static/dynamic/container/network security checks and gates; review findings and remediation SLAs.
- Define security defect triage, severity classification, retest criteria, and release bars; report status weekly/monthly to stakeholders.
4) Cloud & Infra Security (with SRE/DevOps)
- Review VPC architecture, routing, security groups, NACLs, certificate/key management; verify least privilege and encryption.
- Confirm standard hardened container images are used and continuously scanned.
5) Evidence & Audit Readiness
- Plan and witness security relevant V&V (auth flows, session management, role based access, performance baselines under secure configs); ensure audit ready reports and logs are produced and archived.
- Maintain a security traceability matrix linking DEPS threats to design controls, tests, defects, and release approvals.
6) Stakeholder Management & Communication
- Act as primary security point of contact for program owners, PSR peers, and CT Delivery; run cadence reviews and escalate blockers.
Preferred candidate profile
Experience: 9-13 Years
Location: Mumbai and Bangalore
Mode: Hybrid
Employment: Permanent Fulltime
Required Skills & Experience
Security Engineering & AppSec: secure design patterns, OWASP, container security, secrets/IAM, encryption at rest/in transit.
Toolchain proficiency: SonarQube, BurpSuite, Twistlock/Prisma, Nessus, plus CI/CD orchestration of gates and reports.
Cloud security: VPC design, segmentation, SG/NACL, hardened base images, certificate/key mgmt.
Process & compliance: experience with DEPS threat modeling and QMS/audit evidence in medical/regulated environments.
SDLC integration: agile PI/Sprint practices, backlog hygiene, Rally usage for tracking security actions. Perks and benefits
If interested in above JD, please share resume to la**********u@ci*******h.com with below details:
Total experience:
Relevant Experience:
Current CTC:
Expected CTC:
Notice Period:
Current Location:
Job Classification
Industry: IT Services & ConsultingFunctional Area / Department: IT & Information SecurityRole Category: IT SecurityRole: Security Architect / ConsultantEmployement Type: Full timeContact Details:
Company: CitiustechLocation(s): Bengaluru
Keyskills: Security Risk Management OWASP Ci/Cd Security Cloud Security Architecture Threat Modeling
Similar positions
Citiustech
Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse o...
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in