Principal Cybersecurity Architect

Title: Principal Cybersecurity Architect & Security Engineering Leader

Level: AVP

Location: India preferably Chennai, Mumbai or Hyderabad based (Also open to Remote/Hybrid working)

Reports to: Global Head of Information Security, Privacy and Business Continuity

Position Summary:

Job Description:

The Principal Cybersecurity Architect & Security Engineering Leader is a senior technical leader responsible for shaping the company’s cybersecurity architecture and engineering strategies to keep its cybersecurity posture at the leading edge. This role will oversee the Cybersecurity Engineering, Architecture, Exposure/Vulnerability Management, and Identity Security functions, focused on delivering security solutions, projects and relevant programs that drive enterprise cyber resilience and secure business growth. The role involves leading critical enterprise security projects, developing and implementing comprehensive security standards, ensuring secure architecture, evaluating and deployed new security solutions, and managing cross-functional cybersecurity initiatives.

Key Responsibilities:

• Cybersecurity Strategy & Solutioning: Develop and lead the strategy for modernizing the company’s security stack, ensuring architecture stays current with evolving technologies and threats. Oversee/Manage -
• Spearhead strategic cybersecurity projects across Network Security, Endpoint Security, Cloud Security, and Identity Security, leveraging advanced technologies like SentinelOne, Tenable, Zscaler, SailPoint, and Orca.
• Drive security solutioning, engineering, and project implementations to mitigate risk and enhance security resilience.
• Define and maintain security standards, handling exceptions across various technology types and ensuring consistent risk mitigation.
• Conduct Proofs of Concept (POCs) to evaluate and implement emerging security solutions.
• Security Architecture & Engineering: Oversee cybersecurity engineering and architecture to deliver secure, scalable, and resilient solutions across the enterprise and all business functions.
• Architect and document robust security solutions for critical corporate infrastructure, cloud environments, and customer-facing platforms.
• Oversee the deployment and configuration of security solutions including but not limited to next-generation firewalls, EDR/XDR, disk encryption, data security posture management & DLP solutions, and advanced cloud security management solutions (AWS, GCP, Azure, OCI).
• Maintain a comprehensive Security Architecture Review program for new and existing technologies, ensuring alignment with industry best practices and regulatory standards.
• Vulnerability & Exposure Management: Direct/Oversee the Vulnerability Assessment and Penetration Testing (VAPT) program, ensuring that the program continuously assesses and mitigates security vulnerabilities and exposures across the organization’s technology estate.
• Lead a comprehensive Security Vulnerability Management Program, overseeing Tenable project deployments, and operational processes for managing vulnerabilities in workstations, servers, and applications.
• Execute security assessments for 400+ applications, ensuring secure SDLC practices across the development lifecycle.
• Manage network security, cloud security, and external attack surface vulnerability assessments using tools like Orca, Cycognito, BitSight and others.
• Conduct internal and external penetration tests, simulating attacks to proactively identify and address security gaps.
• Identity Governance & Administration: Direct the Identity & Access Management program, enforcing policies, controls and governance that protects access to critical systems and data.
• Oversee the deployment and management of the SailPoint Identity Governance solution, ensuring access is governed based on roles, levels, and lines of business.
• Drive MFA implementation across the organization, along with secure Active Directory configuration and Privileged Access Management (PAM) for high-value admin accounts.
• Team & Talent Management:
• Build, lead, and develop high-performing cybersecurity engineering and architecture teams, fostering a culture of excellence and innovation.
• Act as a mentor and advocate for team members’ growth, focusing on upskilling talent to address evolving security challenges.

Cross-Functional Collaboration: Lead cross-functional collaboration with IT, Risk, Compliance, and other stakeholders to embed cybersecurity best practices across the organization and achieve unified risk management goals.

• Partner with technology, business and compliance teams to ensure cybersecurity solutions support strategic objectives and regulatory requirements.
• Lead regular security reviews, providing updates to executive leadership and advocating for necessary investments in cybersecurity resources and technologies.

Qualifications and Skills:

• Education: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. An advanced degree (Master’s or MBA) is preferred.
• Certifications: CISSP, CISM, CISA, CRISC, or equivalent; advanced certifications in security engineering or architecture (e.g., GIAC Security Expert (GSE), Certified Information Systems Security Architect (CISSA)) are a plus.
• Experience:
• 12+ years of experience in cybersecurity, with a focus on security engineering, architecture, vulnerability management, and identity security in a large, complex global organization.
• Proven experience in designing, implementing, and managing security solutions for critical enterprise infrastructure, including cloud environments, network security, and endpoint protection.
• Experience in IT/ITES/BPO environments (preferred) or in highly regulated environments with a thorough understanding of compliance frameworks, including GDPR, HIPAA, PCI-DSS, NIST, and ISO/IEC 27001.

Technical Skills:

• Hands-on expertise in security engineering and solutioning, including endpoint security (e.g., SentinelOne, CrowdStrike, Carbon Black, Trellix DLP), network security (e.g., Zscaler, PANW, Checkpoint, next-generation firewalls), and cloud security (e.g., Orca, Wiz, Azure, GCP, AWS).
• In-depth knowledge of security architecture, secure SDLC practices, vulnerability management (e.g., Tenable, Rapid7, Qualys), and IAM solutions (e.g., SailPoint, Saviynt, Okta, Delinea).
• Strong understanding of advanced cybersecurity threats, attack vectors, and mitigation strategies across complex multi-cloud and hybrid environments.
• Leadership and Communication:
• Exceptional leadership, team development, and decision-making skills with a proven ability to lead high-performing cybersecurity engineering teams and foster cross-functional collaboration.
• Excellent communication skills, with the ability to effectively convey technical security concepts to non-technical audiences, including senior leadership, clients, and regulatory authorities.

This role requires a seasoned security engineering leader capable of designing and executing a modern security strategy, managing complex security initiatives, and ensuring resilient protection across the enterprise technology landscape.

Join Us:

We invite you to be part of an impactful journey in strengthening our security posture, supporting global clients, and driving a culture of security and resilience across a diverse and innovative organization.