BENGALURU · FULLTIME
Cybersecurity Architect

Unisys
Bengaluru · onsite · Posted 13d ago
Your match
Sign in to see your match score, skill gaps & tailored resume.
Section · 01
About this role
What success looks like in this role:
1. Enterprise Security Architecture Strategy
Define an end-to-end, layered (Defense-in-depth) cybersecurity architecture across cloud, SIEM/SOC, MDR, CTEM,CRV,SNA, IAM, network, endpoint, and data domains Establish reference architectures, design patterns, and reusable security blueprints that delivery teams can adopt rather than rebuild Map capabilities to business risk, maintain a forward-looking architecture roadmap, and rationalize tooling to reduce complexity and tool sprawl 2. Threat Modeling & Threat-Informed Defense Establish enterprise threat modeling practices (e.g. STRIDE, attack trees, MITRE ATT&CK) and embed them early in the design lifecycle (security-by-design) Identify trust boundaries, attack paths, and data flows; translate identified threats into prioritized, actionable controls Extend threat modeling to AI/LLM and automation systems, addressing risks such as prompt injection, model abuse, and data poisoning 3. Zero Trust Architecture Define and drive the Zero Trust strategy and roadmap across identity, devices, network, applications, and data Apply least-privilege access, micro-segmentation, strong authentication/MFA, conditional access, and continuous verification Treat identity as the primary control plane, aligning Zero Trust closely with IAM and Secure Network Access 4. Identity & Access Management (IAM) Architect IAM using Microsoft Entra - authentication and authorization, RBAC/ABAC, conditional access, and the identity lifecycle (joiner / mover / leaver) Design privileged access management (PAM/PIM), access governance and reviews, and protection of workload and non-human identities Ensure IAM underpins Zero Trust as the enterprise’s primary security perimeter 5. Detection, MDR & SOC Modernization Architect a proactive, predictive, and increasingly autonomous Security Operations Center (SOC), including a defined detection engineering lifecycle (detection-as-code, ATT&CK coverage mapping, tuning to reduce false positives) and threat hunting Integrate Managed Detection and Response (MDR) - align 24/7 detection and response, define the shared-responsibility model, and connect MDR telemetry and response actions into the internal SIEM/SOAR Drive measurable improvements in mean time to detect and respond (MTTD/MTTR) 6. Continuous Threat Exposure Management (CTEM) Establish a CTEM program across the five stages - scoping, discovery, prioritization, validation, and mobilization Prioritize exposures by real exploitability and business impact (beyond raw CVE counts), incorporating breach-and-attack simulation and attack-path analysis Drive continuous, evidence-based exposure reduction and remediation 7. Secure Network Access Architect Secure Network Access using Zero Trust Network Access (ZTNA) and SASE/SSE principles, replacing legacy flat-network and VPN models Design network segmentation / micro-segmentation and east-west visibility, integrating Network Detection and Response (NDR) Secure hybrid, remote, and third-party access for users and workloads 8. Cyber Resilience & Recovery (Cyber Recovery Vault) Design cyber resilience and recovery architecture, including an isolated, immutable Cyber Recovery Vault (air-gapped) and clean-room recovery capability Architect recovery from ransomware and destructive attacks, integrate with backup/DR, and define recovery objectives (RPO/RTO) and data-integrity validation Establish regular recovery testing and align the design with operational resilience requirements 9. AI & GenAI-Enabled Security Design AI-driven detection and response; implement Security Copilot and agentic systems for automated triage, investigation, and analyst augmentation, progressing toward an autonomous SOC Apply Generative AI responsibly - establish governance and guardrails for GenAI risks (prompt injection, data leakage, hallucination, model and data security), with human-in-the-loop for high-impact actions Enable adaptive and self-healing security systems 10. AI-Enabled Automation & Platform Engineering Drive an automation-first approach - SOAR playbooks, agentic and AI-enabled automation, and self-healing workflows, targeting 30–50% automation enablement Architect platforms using Microsoft Sentinel, Defender, Entra, and Purview; build reusable modules for detection, response, and automation Apply engineering practices including infrastructure-as-code, detection-as-code, version control, and testing 11. Innovation Leadership Partner with Solutions Development to lead PoCs and emerging-technology adoption; translate new technology into scalable solutions Work with Delivery to understand real-world issues, ideate, and create reusable assets 12. Governance & Compliance Align architecture with ISO 27001 and NIST (CSF / 800-53) standards, and embed security-by-design and compliance-as-code Support audits and evidence collection; balance compliance requirements with risk-based exposure reduction 13. Collaboration & Stakeholder Influence Work closely with delivery, engineering, and business teams Act as a trusted technical advisor across the organization
You will be successful in this role if you have: Bachelor’s or Master’s degree in a relevant field 12–18 years of cybersecurity experience, including hands-on architecture and engineering Deep expertise in the Microsoft Security stack (Sentinel, Defender, Entra, Purview) and cloud security Demonstrated experience across Zero Trust, IAM, MDR/SOC, CTEM, Secure Network Access (ZTNA/SASE), and cyber resilience and recovery Strong threat Modeling and threat-informed Defense experience Strong AI/ML cybersecurity exposure, including GenAI / agentic security and AI risk governance Proven hands-on capability - detection engineering, automation, scripting, and building PoCs
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.
Local employment practices and rights may vary by jurisdiction and are subject to applicable local laws. This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com . US job seekers can find more information about Unisys’ EEO commitment here .
Sourced from workday · view original
Let the agent run this one for you.
Tailored resume, auto-apply, and referral lookup — in under 2 minutes.
Section · 02
Skills
Section · Company
About Unisys

Unisys
About
Unisys India was established in 2004 in Bangalore. We have strengthened tremendously in terms of headcount and infrastructure, as well as capabilities to become an integral part of the Unisys global delivery organization. Today, we have three state-of-the-art facilities - two in Bangalore and one in Hyderabad.
At Unisys India you will see a representation from most functions of Unisys. Be it product development for Systems & Technology, application design and migration for Global Industries, service desk / enterprise computing / ITIL processes / field operations back office for GOIS or extensions of various Unisys corporate functions. We are here today because of our relentless efforts towards timely, quality and cost efficient deliveries, all meant to drive a high level of customer satisfaction at a compelling cost.
A unique blend of mature processes, high focus on tools and, above all a team of highly talented and motivated employees play a critical role in making this possible. We are poised to play an increasingly important role in Unisys journey towards predictable and profitable growth. You could be a part of this change. Imagine It. Done.
For more information, visit http://www.unisys.com