Principal Security Architect

About the Organization

We are a leading AMISP (Advanced Metering Infrastructure Service Provider) in India, manufacturing over 5 Lakh smart energy meters monthly with fully captive Design, Development, Validation, Software, and Managed Services teams. With a current turnover of ₹600 Cr and exponential growth ahead, we are expanding into smart water and gas metering. This Kolkata-based role supports the digital backbone of our secure, data-intensive ecosystem.

Position Overview

We are seeking a hands-on and strategically inclined **Principal Security Architect – Cloud & Application Security**, with deep experience in securing high-scale digital platforms and distributed data systems. This is a developer-centric role that blends architecture-level thinking with implementation-grade depth. Candidates from high-growth startups, e-commerce, or tech-driven logistics firms (e.g., Rapido, BlueSmart, etc.) handling massive, real-time data flows are encouraged to apply.

Suggested Designation

Principal Security Architect – Cloud & Application Security

Key Responsibilities

· Own end-to-end security architecture across multi-cloud environments (AWS, Azure, GCP, etc.).

· Lead implementation of DevSecOps pipelines integrating SAST, DAST, container scanning, and infrastructure as code (IaC) security.

· Define, enforce, and audit secure coding practices across development teams and CI/CD pipelines.

· Integrate SIEM and monitoring tools (e.g., Splunk, ELK, Wazuh) for proactive threat detection, alerting, and incident response.

· Design secure database access and encryption protocols for time-series and high-volume telemetry data.

· Support product, cloud, and customer integration teams on GDPR, ISO 27001 and other compliance needs.

· Conduct regular threat modelling, security risk assessments, and third-party audits.

· Mentor software, DevOps and infrastructure teams in security-first principles and zero-trust architecture.

Required Skills & Experience

· 5–7 years hands-on experience in application and cloud security roles, with total experience not exceeding 10 years.

· Strong development background with secure coding in .NET, Python, or Java environments.

· Security architecture design for distributed cloud systems and microservices.

· Hands-on with at least two major cloud platforms (e.g., AWS, Azure) and their native security services.

· Experience implementing and managing SIEM tools and incident response playbooks.

· Well-versed with IAM, VPCs, WAFs, container security, KMS, and tokenization techniques.

· GDPR Certified; deep understanding of data privacy regulations and data protection impact assessments (DPIAs).

· Strong working knowledge of ISO 27001, SOC2, OWASP Top 10, and NIST security frameworks.

· Exposure to large-scale data platforms with real-time ingestion, storage, and access requirements.

Preferred Background

· Developer-turned-security-architect with practical exposure to DevSecOps and large-scale data protection.

· Experience in high-growth e-commerce, mobility, or logistics startups managing dynamic and voluminous user data.

· Comfortable working in hybrid or multi-cloud managed service provider (MSP) environments.

· Strong ethical grounding, analytical mindset, and deep commitment to safeguarding digital systems.

· Bachelor’s or Master’s degree in Computer Science, Information Security, or a related technical field.

Authority & Strategic Impact

· Define the security vision, controls, and posture for all cloud and application platforms.

· Own technical decisions related to encryption, access policies, vulnerability management, and compliance programs.

· Act as the organization’s security representative during customer audits, pre-sales technical reviews, and vendor assessments.

· Collaborate cross-functionally with Product, DevOps, Software, QA, and external partners for secure product delivery.

· Establish secure SDLC practices, perform security reviews, and mentor teams across the product lifecycle.

Additional Cloud Management Competence

· Serve as the technical bridge between internal development teams and multiple external Cloud Service Providers (CSPs).

· Possess strong familiarity with cloud-native service offerings (e.g., networking, identity, logging, serverless, and security controls) across AWS, Azure, or other major platforms.

· Contribute to and challenge architectural decisions from CSPs with a deep understanding of multi-cloud design patterns and their trade-offs.

· Translate business and security requirements into cloud-specific implementations in a collaborative and iterative fashion.

· Participate in regular technical reviews, PoCs, and solution evaluations with cloud partners to align roadmap objectives with scalable delivery plans.

· Guide internal development and DevOps teams to match security expectations and architecture hygiene demanded by MSPs or CSP integrations.

· Understand service-level agreements (SLAs), shared responsibility models, and cloud-native observability in the context of metering data systems.

· Drive internal enablement by simplifying complex cloud constructs and improving developer readiness in multi cloud environments