Security Architect

Job Description Objective: We are seeking a highly experienced and strategic Security Architect to help define and lead the comprehensive security vision for our software products and cloud infrastructure. You will be responsible for designing a robust, multi-layered security posture, embedding security into our development lifecycle, and acting as the primary subject matter expert for all security-related matters, including the most complex customer escalations. This is a senior, hands-on, individual contributor role focused on driving a proactive security culture and ensuring our platform is secure by design. About HCL Software: HCL Software is the software business division of HCLTech, fueling the Digital+ Economy by developing, sharing, and supporting solutions in five key areas: - Business & Industry Applications - AI and Intelligent Operations - Total Experience - Data & Analytics - Cybersecurity These five solution areas represent massive opportunities for growth and enable total flexibility in deployment efficiently managing data, applications, workloads, and infrastructure, leveraging our cloud options and the power of Gen AI. About HCL Commerce: HCL Commerce is a robust and scalable e-commerce platform that supports various business models including B2C, B2B, B2B2C, D2C, and MarketPlaces. Known for its enterprise-grade performance, HCL Commerce offers advanced features and AI capabilities to enhance online transactions and customer experiences. Responsibilities - Security Vision and Strategy: Define, own, and drive the long-term security architecture and roadmap, aligning with business objectives and emerging threats. Establish the foundational principles for a Zero Trust security model. - Application Security & Design Review: Lead threat modeling and conduct in-depth security reviews for all new features. Create and approve formal design documents for security-critical components like authentication, session management, and user registration. - Secure SDLC and DevSecOps: Architect and integrate security practices and tools throughout the entire Software Development Life Cycle (SDLC). Champion the integration of SAST, DAST, and SCA tools into our CI/CD pipelines (Azure preferred). - Cloud and Infrastructure Security: Design and govern the security architecture for our cloud environment (Azure preferred). This includes network security, identity and access management (IAM), and the secure configuration of containerized environments (Docker, Kubernetes). - Expert Escalation & Incident Support: Act as the final escalation point (Level 3) for complex customer-reported security issues, exercising advanced problem-solving skills to guide resolution in a timely manner, often under pressure. - Mentorship and Guidance: Act as the organization's security champion. Provide direct technical guidance and mentorship to developers and testers on secure coding best practices, helping them mitigate vulnerabilities and understand security principles. - Security Governance and Documentation: Develop and document security policies, standards, and features in a clear and concise manner. Work with internal and external auditors to ensure we meet industry compliance requirements. Qualifications - Experience: 12+ years of experience in cybersecurity, including at least 4+ years in a Security Architect, Principal Security Engineer, or equivalent senior technical leadership role. - Application Security Expertise: Deep, hands-on knowledge of application security principles, threat modeling (STRIDE), and mitigating common vulnerabilities (OWASP Top 10, SQL Injection, XSS, CSRF, etc.). - Cloud Security Mastery: Expert-level knowledge of cloud security architecture in a major cloud provider (Azure is strongly preferred). Deep experience securing containerized workloads (Docker, Kubernetes). - DevSecOps Proficiency: Proven experience integrating security tools (SAST, DAST, SCA) into CI/CD pipelines (Azure preferred). A strong understanding of GitOps and Infrastructure as Code (IaC) security is required. - Soft Skills: - Strong analytical and problem-solving skills to resolve complex issues under pressure. - Excellent communication skills in English to collaborate with cross-functional teams. - A natural curiosity and passion for the field of Cyber Security. - Version Control: Proficient with Version Control Software Tools, preferably Git. - Preferred Qualifications: - Experience with HCL Commerce. - Deep experience in an object-oriented language (e.g., Java) and with traditional web services (REST APIs). - Relevant industry certifications (e.g., CISSP, CISM, CCSP, AZ-500). - Experience securing modern data stacks, including PostgreSQL and GraphQL APIs. - Experience with compliance frameworks such as SOC 2, ISO 27001, or PCI DSS. - Education: Bachelor's degree in Computer Science, Cybersecurity, or a relevant field (or equivalent practical experience).