Security Architect

Objective:

We are seeking a highly experienced and strategic Security Architect to help define and lead the comprehensive security vision for our software products and cloud infrastructure. You will be responsible for designing a robust, multi-layered security posture, embedding security into our development lifecycle, and acting as the primary subject matter expert for all security-related matters, including the most complex customer escalations. This is a senior, hands-on, individual contributor role focused on driving a proactive security culture and ensuring our platform is secure by design.

About HCL Software:

HCL Software is the software business division of HCLTech, fueling the Digital+ Economy by developing, sharing, and supporting solutions in five key areas:

• Business & Industry Applications
• AI and Intelligent Operations
• Total Experience
• Data & Analytics
• Cybersecurity

These five solution areas represent massive opportunities for growth and enable total flexibility in deployment — efficiently managing data, applications, workloads, and infrastructure, leveraging our cloud options and the power of Gen AI.

About HCL Commerce:

HCL Commerce is a robust and scalable e-commerce platform that supports various business models including B2C, B2B, B2B2C, D2C, and MarketPlaces. Known for its enterprise-grade performance, HCL Commerce offers advanced features and AI capabilities to enhance online transactions and customer experiences.

Responsibilities

• Security Vision and Strategy:

  Define, own, and drive the long-term security architecture and roadmap, aligning with business objectives and emerging threats. Establish the foundational principles for a Zero Trust security model.

• Application Security & Design Review:

  Lead threat modeling and conduct in-depth security reviews for all new features. Create and approve formal design documents for security-critical components like authentication, session management, and user registration.

• Secure SDLC and DevSecOps:

  Architect and integrate security practices and tools throughout the entire Software Development Life Cycle (SDLC). Champion the integration of SAST, DAST, and SCA tools into our CI/CD pipelines (

  Azure preferred

  ).

• Cloud and Infrastructure Security:

  Design and govern the security architecture for our cloud environment (

  Azure preferred

  ). This includes network security, identity and access management (IAM), and the secure configuration of containerized environments (Docker, Kubernetes).

• Expert Escalation & Incident Support:

  Act as the final escalation point (Level 3) for complex customer-reported security issues, exercising advanced problem-solving skills to guide resolution in a timely manner, often under pressure.

• Mentorship and Guidance:

  Act as the organization's security champion. Provide direct technical guidance and mentorship to developers and testers on secure coding best practices, helping them mitigate vulnerabilities and understand security principles.

• Security Governance and Documentation:

  Develop and document security policies, standards, and features in a clear and concise manner. Work with internal and external auditors to ensure we meet industry compliance requirements.

Qualifications

• Experience:

  12+ years of experience in cybersecurity, including at least

  4+ years in a Security Architect, Principal Security Engineer, or equivalent senior technical leadership role

  .

• Application Security Expertise:

  Deep, hands-on knowledge of application security principles, threat modeling (STRIDE), and mitigating common vulnerabilities (OWASP Top 10, SQL Injection, XSS, CSRF, etc.).

• Cloud Security Mastery:

  Expert-level knowledge of cloud security architecture in a major cloud provider (

  Azure is strongly preferred

  ). Deep experience securing containerized workloads (Docker, Kubernetes).

• DevSecOps Proficiency:

  Proven experience integrating security tools (SAST, DAST, SCA) into CI/CD pipelines (

  Azure preferred

  ). A strong understanding of GitOps and Infrastructure as Code (IaC) security is required.

• Soft Skills:

• Strong analytical and problem-solving skills to resolve complex issues under pressure.
• Excellent communication skills in English to collaborate with cross-functional teams.
• A natural curiosity and passion for the field of Cyber Security.

• Version Control:

  Proficient with Version Control Software Tools, preferably Git.

• Preferred Qualifications:

• Experience with HCL Commerce.

• Deep experience in an object-oriented language (e.g., Java) and with traditional web services (REST APIs).

• Relevant industry certifications (e.g., CISSP, CISM, CCSP, AZ-500).
• Experience securing modern data stacks, including PostgreSQL and GraphQL APIs.
• Experience with compliance frameworks such as SOC 2, ISO 27001, or PCI DSS.

• Education:

  Bachelor’s degree in Computer Science, Cybersecurity, or a relevant field (or equivalent practical experience).