Security Operations & Security Architecture Lead

Role summary:

Own and elevate both day-to-day security operations and forward-looking security architecture for a large telecom environment.

Run high-availability security programs (e.g., SOC, EDR, AppSec, VAPT) with operational rigor, while designing next-gen controls for emerging platforms and threats (e.g., AI security, post-quantum cryptography, cloud-native).

A. Technical Accountabilities

1. Security Operations (Always-On)
2. 1.a

   Oversight

   and

   strategic guidance

   for a 24×7

   SOC

   with tiered response, playbooks, KPIs, and continuous tuning of SIEM/SOAR.
3. 1.b Drive

   endpoint protection

   and

   EDR

   , threat intel,

   incident handling

   , and post-incident RCA with measurable

   MTTA/MTTR

   improvements.
4. Application & Product Security (Shift-Left + Runtime)
5. 2.a Oversight and strategic guidance for a secure SDLC with SAST/DAST program involving dependency scanning, and SBOM.
6. 2.b Build a pragmatic and “

   engineering-friendly

   ” vulnerability

   remediation model

   ; block high-risk releases by policy, not by surprise.
7. Vulnerability & Exposure Management
8. 3.a

   Pragmatic approach

   to

   vulnerability management

   across app, infra and containers, with the end goal of reducing likelihood of exploitation along with minimal downtime.
9. 3.b Implement

   risk-based patching

   and virtual patching (IPS/WAF/EDR policy) to cut exposure when downtime is constrained.
10. Cloud & Platform Security
11. 4.a

    Deliver CNAPP

    (CSPM/CWPP), OpenShift hardening, container scanning, and IaC guardrails.
12. Architecture & Emerging Threats
13. 5.a Define and deploy

    zero-trust

    reference architectures spanning IT, cloud, and edge.
14. 5.b Lead

    AI security

    : model/data/agent protections, prompt/guardrail controls, model provenance, and red teaming.
15. 5.c Lead the

    quantum-risk

    roadmap: crypto inventory, agility, and transition to PQC for long-lived data/links.

B. Non-Technical & Leadership Accountabilities

1. Stakeholder Management
2. 2.a Partner with engineering to reduce toil (e.g., virtual patching, safe defaults, golden paths).
3. 2.b Align with product, legal, privacy, and network teams; translate risk into business terms.
4. Strategy & Roadmapping
5. 3.a Maintain a rolling 12–24 month security roadmap covering ops, architecture.
6. People & Culture
7. 4.a Build and mentor a high-caliber team; succession planning for critical roles.
8. 4.b Raise the bar on “secure by default” through enablement, docs, and incentives.
9. Communication & Executive Presence
10. 6.a Clear narrative for the board/CXO on threats, posture, and trade-offs.
11. 6.b Calm crisis leadership during incidents; crisp, timely updates.

Qualifications

1. 15+ years in cybersecurity with deep experience across SecOps and security architecture; at least 5 years leading managers.
2. Telecom-scale background preferred (high-throughput networks, 5G core, OSS/BSS, large consumer base).
3. Proven delivery running SOC/EDR, VAPT, and AppSec in complex, hybrid environments.
4. Hands-on familiarity with AWS/GCP, OpenShift, service mesh, APIs, and modern data/ML stacks.
5. Certifications a plus: CISSP, CISM, CCSP/CCSK, GIAC (e.g., GCIA/GCED/GCSA), OSCP—valued but not a substitute for real outcomes.
6. Excellent written/spoken communication; ability to influence senior engineering and business leaders.

Interview Signals We’ll Look For

1. Operational depth:

   concrete stories improving SOC signal-to-noise, stopping real incidents, reducing toil.

2. Architectural judgment:

   intelligent trade-offs in security vs agility.

3. Leadership:

   building teams, influencing peers, running tough programs without heroics.

Forward-thinking: