5+ Threat modeling Jobs in India

Job Title: Senior Technical Architect

Location: Ahmadabad

Employment Type: Full-time

Experience Level: 10+ Years

Key Responsibilities

1. Architecture & Design

·        Develop end-to-end architecture blueprints for large-scale enterprise applications.

·        Define component-based and service-oriented architectures (Microservices, SOA, Event-Driven).

·        Create API-first designs using REST, GraphQL, and gRPC with clear versioning strategies.

·        Establish integration patterns for internal systems, third-party APIs, and middleware.

·        Design cloud-native architectures leveraging AWS, Azure, or GCP services.

·        Define coding guidelines, performance benchmarks, and security protocols. Participate in POC projects to evaluate new tools and frameworks.

2. Performance, Security, & Scalability

·        Implement caching strategies (Redis, Memcached, CDN integrations).

·        Ensure horizontal and vertical scalability of applications.

·        Apply security best practices: OAuth 2.0, JWT, SAML, encryption (TLS/SSL, AES), input validation, and secure API gateways. Set up application monitoring and logging using ELK, Prometheus, Grafana, or equivalent.

3. DevOps & Delivery

·        Define CI/CD workflows using Jenkins, GitHub Actions, Azure DevOps, or GitLab CI.

·        Collaborate with DevOps teams for container orchestration (Docker, Kubernetes).

·        Integrate automated testing pipelines (unit, integration, and load testing).

Required Technical Skills

Programming & Frameworks:

·        Expertise in one or more enterprise languages: Core, Node.js.

·        Strong understanding of front-end technologies (Angular, React) for full-stack integration.

Architecture & Patterns:

·        Microservices, Domain-Driven Design (DDD), Event-Driven Architecture (EDA).

·        Message brokers and streaming: Kafka, RabbitMQ, Azure Event Hub, Azure Service Bus.

Databases & Storage:

·        Relational DBs: PostgreSQL, MySQL, MS SQL Server.

·        NoSQL DBs: MongoDB.

·        Caching layers: Redis, Memcached.

Cloud & Infrastructure:

·        Azure (App Services, Functions, API Management, Cosmos DB),

Security:

·        OAuth 2.0, SAML, OpenID Connect, JWT. Secure coding practices, threat modelling, penetration testing familiarity.

DevOps & CI/CD:

·        Azure DevOps, GitLab CI/CD.

·        Docker, Kubernetes.

Testing & Quality Assurance:

·        Unit testing (JUnit, NUnit, PyTest, Mocha). Performance/load testing (JMeter, Locust).

Monitoring & Observability:

·        Azure Monitoring, App Insight, Prometheus, Grafana

Preferred Skills & Certifications

·        Microsoft Certified: Azure Solutions Architect Expert,

·        Exposure to AI/ML services and IoT architectures.

KPIs for Success

·        Reduced system downtime through robust architecture designs.

·        Improved performance metrics and scalability readiness.

·        Successful delivery of complex projects without major architectural rework.

·        Increased developer productivity through better standards and tools adoption.

Job Role : Azure DevSecOps Engineer (Security-Focused)

Experience : 12 to 18 Years

Location : Preferably Delhi NCR (Hybrid); Remote possible with 1–2 office visits per quarter (Gurgaon)

Joining Timeline : Max 45 days (Buyout option available)

Work Mode : Full-time | 5 Days Working

About the Role :

We are looking for a highly experienced Azure DevSecOps Engineer with a strong focus on cloud security practices.

This role is 60–70% security-driven, involving threat modeling, secure cloud architecture, and infrastructure security on Azure using Terraform.

Key Responsibilities :

• Architect and maintain secure, scalable Azure cloud infrastructure using Terraform.
• Implement security best practices : IAM, threat modeling, network security, data protection, and compliance (e.g., GDPR).
• Build CI/CD pipelines and automate deployments using Azure DevOps, Jenkins, Prometheus.
• Monitor, analyze, and proactively improve security posture.
• Collaborate with global teams to ensure secure design, development, and operations.
• Stay updated on cloud security trends and lead mitigation efforts.

Mandatory Skills :

Azure, Terraform, DevSecOps, Cloud Security, Threat Modelling, IAM, CI/CD (Azure DevOps), Docker, Kubernetes, Prometheus, Infrastructure as Code (IaC), Compliance Frameworks (GDPR)

Preferred Certifications :

Certified DevSecOps Professional (CDP), Microsoft Azure Certifications

About us:

HappyFox is a software-as-a-service (SaaS) support platform. We offer an enterprise-grade help desk ticketing system and intuitively designed live chat software.

We serve over 12,000 companies in 70+ countries. HappyFox is used by companies that span across education, media, e-commerce, retail, information technology, manufacturing, non-profit, government and many other verticals that have an internal or external support function.

To know more, Visit! - https://www.happyfox.com/

Responsibilities:

• Perform manual and automated application penetration tests and provide suggestions to harden our products
• Participate regularly in the development and release process to identify and report security vulnerabilities in the code being shipped
• Conduct regular audits on all Features/APIs of the product and reports vulnerabilities to the development team
• Keep up with industry trends in the security space
• Triage inbound vulnerability reports with an appropriate level of urgency and track them until they are resolved by Engineering teams
• Should be able to understand different elements of our NodeJS, Python and similar stacks and provide guidance on secure software development practices to the team
• Scale our application security engineering team

Requirements:

• Strong verbal and written communication skills
• Has worked on Web Application Security Testing for a reasonably complex application. The mobile experience is a plus
• Good knowledge of secure software development guidelines from authoritative bodies like NIST, OWASP, SANS
• Hands-on experience in performing manual/automated security assessments with open-source/commercial security tools

Job Description

Cyber Threat Intelligence & Threat Hunting - Subject Matter Expert (B3-2)

Responsibilities:

Perform threat research, create actionable threat advisories, and derive hunting queries based on the evolving threat vectors.

Understand APT groups, Conduct deep dive technical analysis of cyber-attack tools, tactics, and procedures. Create hypothesis and perform active threat hunting.

Minimum Requirements:

10+ years of overall experience, 7+ years of experience in cyber threat intelligence, malware analysis (Reverse engineering)

Hands-on experience with writing threat hunting hypothesis & active threat hunting

Experience with YARA rule and OpenIOC signature creation.

Experience with multi-tiered mission-critical systems.

Experience in opensource sandbox and honeypots.

Preferred Certification

GIAC Cyber Threat Intelligence (GCTI)

C| TIA (Certified Threat Intelligence Analyst)

CCTIA by the NICCS

Job Responsibilities:

Experience: 8 Yrs to 12 Yrs

1. Hands-on expertise on performing Application pen testing (Mobile(Android, IOS),networking, web application pen testing),
2. Should worked on IOT,AWS,Application Penetration Testing, Reverse Engineering, source code review, CI/CD Pipeline
3. have done any submission on Bug crowd or Bug Bounty.
4. have developed tools or scripts for web pen test on GitHub.
5. Certified on OSCP
6. Threat Modeling
7. Network scan in stealth mode or simple scan using Nmap and Burp suite

Implement security measures which monitor and protect sensitive data and systems from infiltration and cyber-attacks.

Developing different ways to solve the existing threats and security issues.

Configuring and implementing intrusion detection systems and firewalls.

Security product development, testing, and implementation.

Responsible for security technology research, penetration testing, and vulnerability scanning.

Please follow the below inputs.

The shift will starts from 03:00 PM to 12 AM (fixed for few months),

OSCP certification(Not mandatory, preferable)

Below are the primary key skills:

Total Application Security Experience:

Total Security Architecture Experience:

IOT(optional)

MOBILE

WEB

AWS(Mandatory)

NETWORKING

THREAT MODELS