Cyber Security Architect

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.

• Minimum 7 years of experience in cyber security architecture across enterprise applications, cloud platforms, and AI-enabled solutions
• Expertise in securing applications built on AWS and Microsoft Azure
• Proficiency in Java, Python, and .NET application security
• Skills in security architecture reviews, threat modeling, and risk assessments
• Knowledge of secure API design, authentication, authorization, and secrets management
• Familiarity with SAST, DAST, and SCA tools alongside container security and cloud security solutions
• Background in AI/ML and Generative AI security including LLMs, AI APIs, and AI data pipelines
• Understanding of Zero Trust principles, least-privilege access, and identity federation
• Competency in compliance frameworks such as ISO 27001, SOC 2, and NIST
• Qualifications in CIS, GDPR, and PCI-DSS regulatory requirements
• Capability to develop security policies, standards, procedures, and technical documentation
• Skills in cyber risk assessment, incident analysis, and root cause investigation
• English proficiency at B2 level or higher

• Design and maintain secure architecture patterns for cloud-native and enterprise applications
• Define and enforce application security standards, best practices, and secure coding guidelines for Java, Python, and .NET applications
• Perform security architecture reviews, threat modeling, and risk assessments for new and existing systems
• Support secure API design, authentication, authorization, encryption, and secrets management strategies
• Collaborate with development and DevOps teams to integrate security controls into CI/CD pipelines and SDLC processes
• Evaluate and recommend security tools and technologies including SAST, DAST, SCA, container security, and cloud security solutions
• Implement security controls for AI/ML and Generative AI solutions
• Assess security risks related to Large Language Models, AI APIs, model integrations, and AI data pipelines
• Mitigate AI-related risks such as prompt injection, data leakage, model poisoning, insecure output handling, and unauthorized model access
• Develop and govern security architectures for AWS and Microsoft Azure environments, ensuring secure configuration across cloud services, networking, IAM, storage, and compute resources
• Support Zero Trust principles, least-privilege access, and identity federation
• Conduct cyber risk assessments and provide recommendations for mitigation strategies