L3 Security Architect / Subject Matter Expert – Perimeter Security

L3 Security Architect / Subject Matter Expert – Perimeter Security
22
Mumbai
Job Views:
Created Date: 2026-07-18T12:00:00.324Z
Experience: 8 - year
Salary: upto
Industry: 38
Openings: 1
Primary Responsibilities :
Architecture & Engineering
- Own the design and architecture of enterprise perimeter security controls.
- Define and maintain standards for:
- Firewall policies
- Web Application Firewall (WAF) security posture
- DDoS protection and resilience
- Micro-segmentation strategy
- Lead onboarding, deployment, and integration of new security technologies.
Advanced Incident Handling
- Lead investigation and resolution of major security incidents.
- Define and approve containment and remediation strategies.
- Perform advanced forensic investigations and deep-dive threat analysis.
- Coordinate with OEM engineering teams for complex security issues.
Optimization & Continuous Improvement
- Reduce false positives and improve detection accuracy.
- Optimize firewall rules, IDS/IPS signatures, WAF policies, and security controls.
- Implement corrective and preventive security measures.
- Improve SOC detection, response capabilities, and operational maturity.
Governance, Risk & Compliance
- Support security audits, compliance assessments, and risk reviews.
- Review AlgoSec policy governance, firewall compliance, and risk analysis.
- Provide executive-level security recommendations and reporting.
Leadership & Mentorship
- Mentor L1 and L2 Security Engineers.
- Review and enhance SOPs, runbooks, and incident response playbooks.
- Drive SOC best practices and continuous process improvements.
Tools & Technologies
- Firewalls: Cisco, Palo Alto, Check Point, Fortinet
- IDS / IPS: Trend Micro, Cisco
- DDoS Protection: Radware, ISP-based DDoS solutions
- Web Application Firewall (WAF): F5
- Proxy & Internet Gateways
- Micro-Segmentation: GuardiCore
- Firewall Policy Governance: AlgoSec Firewall Analyzer
Experience Requirements:
Required Skills
- Enterprise Firewall Architecture
- Network Security Design
- Firewall Policy Management
- Web Application Firewall (F5)
- DDoS Protection & Mitigation
- IDS/IPS Management
- Micro-Segmentation (GuardiCore)
- AlgoSec Policy Governance
- Advanced Incident Response
- Digital Forensics
- Threat Detection & Analysis
- Security Architecture
- Risk Assessment & Compliance
- SOC Operations
- Security Automation
- Root Cause Analysis (RCA)
- Leadership & Team Mentoring
- Executive Stakeholder Management
Preferred Certifications
- CISSP
- CCNP Security / CCIE Security
- Palo Alto PCNSE
- Check Point CCSA / CCSE
- Fortinet NSE
- GIAC Security Certifications (GCIA, GCIH, etc.)
- Vendor-specific Firewall & WAF Certifications