Share this Job

Cloud Security Architect / Consulting Engineer- Bangalore/Pune

Date:  Nov 14, 2021

Pune, MH, IN

Requisition ID:  30856

About Avaya

Businesses are built by the experiences they provide, and every day millions of those experiences are delivered by Avaya Holdings Corp. (NYSE: AVYA). Avaya is shaping what's next for the future of work, with innovation and partnerships that deliver game-changing business benefits. Our cloud communications solutions and multi-cloud application ecosystem power personalized, intelligent, and effortless customer and employee experiences to help achieve strategic ambitions and desired outcomes. Together, we are committed to help grow your business by delivering Experiences that Matter. Learn more at www.avaya.com.

About The Opportunity

Avaya is seeking an experienced security professional to join the Product Security Support Team-PSST, and larger Solution Architecture group reporting into the Office of the CTO. 
To be successful in this role the candidate must have hands-on experience and a proven record of securing one or more of the cloud platforms: Azure, GCP, AWS and Hosted Cloud Solutions.  They must embrace continual learning, be willing to mentor and share their security knowledge with other team members, work on multiple projects simultaneously, effectively engage and consult with a diverse group of internal (e.g. Dev, Test, OPS, IT/Corporate Security, Professional Services, Product Management, Sales, etc.) and external (e.g. Avaya Customers, Business Partners, 3rd-party SaaS/OEM/Resellers, External Security Researchers, etc.) stakeholders, and establish oneself as a recognized thought leader among consulting engineers within the Avaya community.

About The Responsibilities

Primary Responsibilities:

•Internally focused Cloud Security Architecture & Consulting:
oCreate/Contribute to the development of Avaya Common Security requirements for Cloud, Hybrid and Enterprise Applications based on industry standards, regulations, and security best practices. (e.g. PCI DSS, HIPAA, FedRAMP, STIGs, GDPR etc.) 
oArchitect/Design Common Security Frameworks for Cloud, Hybrid and Enterprise Applications (IAM, Containerization, Certificate Management etc.)
oConsult with Avaya Offer teams during the Avaya Product/Solution/Cloud Offer design and development process. Coverage areas can include: IAM, Infrastructure Hardening, Encryption & Ciphers, Certificate Management, APIs, Containerization, Web App/Services, Azure/GCP/AWS Cloud Security, Privacy Protection, Regulatory Compliance.
oRecommend and integrate cloud-native/SaaS security services, security automation, consult with teams in deploying best-in-class/Avaya S&T-required security tools, CI/CD, DevSecOps, and Industry best practices.
oWork with Cloud vendors and external security researchers to resolve security gaps in Avaya Cloud Offers.
oReview/Assess security hardening for Cloud, Hybrid and Enterprise Applications using standard security tools and methodologies. (e.g. Threat modeling, vulnerability assessments, penetration testing, etc.)
oCreate security processes, policies and provide associated security vote at Portfolio Management Team reviews.

About The Requirements


•12+ years of security experience with 3 years of hands-on experience and a proven record of architecting and designing secure (one or more) Azure, GCP, AWS hosted Cloud Solutions
•At least 7 years of hands-on experience and a proven record of securing large enterprise-based applications.
•At least 3 years of Cloud Offer penetration test, security consulting, assessment, hardening, compliance, and operational security support
•Experience collaborating with auditors on compliance engagements e.g. PCI DSS, HIPAA, HITRUST, FedRAMP Attestation of Compliance-AOCs


•Ability to architect common security frameworks based on industry standards and best practices
•IaaS/PaaS/SaaS experience securing Azure, GCP, AWS and hybrid-based Cloud Solutions
•Knowledge of industry security standards (CIS Benchmarks, PCI DSS standards, STIGs, GDPR etc.)
•Experience with security penetration testing and associated open-source and commercial security tools (e.g. Qualys, Automated and Manual Web App scanners and proxies, API/protocol fuzzers, container and database scanners, Metasploit, Cloud-native security tools, etc.)
•Ability to create customized scripts (e.g. via Python, Perl, Ruby) and Proof of Concept exploits is desirable 
•High-tech product software/firmware support experience. In-depth problem-solving skills with demonstrated ability to isolate problems to specific software/firmware components
•Demonstrated teamwork experience and desire to work in a fast-paced security consulting role. 
•Excellent oral and written communication skills are needed to provide detailed technical analysis tailored to Avaya-internal as well as external customers. 


15+ Years of Experience


Bachelor degree or equivalent experience
Advance Degree preferred

Preferred Certifications


Avaya is an Equal Opportunity employer and a U.S. Federal Contractor. Our commitment to equality is a core value of Avaya. All qualified applicants and employees receive equal treatment without consideration for race, religion, sex, age, sexual orientation, gender identity, national origin, disability, status as a protected veteran or any other protected characteristic. In general, positions at Avaya require the ability to communicate and use office technology effectively. Physical requirements may vary by assigned work location. This job brief/description is subject to change. Nothing in this job description restricts Avaya right to alter the duties and responsibilities of this position at any time for any reason. You may also review the Avaya Global Privacy Policy (accessible at https://www.avaya.com/en/privacy/policy/) and applicable Privacy Statement relevant to this job posting (accessible at https://www.avaya.com/en/documents/info-applicants.pdf).