Security Solutions Architect

Responsibilities & Key Deliverables

As a Security Solutions Architect, you will serve as a principal technical authority responsible for designing, engineering, and governing end‑to‑end security architectures across IT, OT, cloud, network, and AI ecosystems. You will play a pivotal role in strengthening the organization’s security posture by developing scalable, future‑ready architectures that enable secure digital transformation.

This role goes beyond traditional security architecture — you will drive Zero‑Trust adoption, OT cyber maturity, secure AI initiatives, and automation-led security engineering. You will collaborate deeply with technology, operations, product, manufacturing, data, and business teams to embed security by design into every platform, workload, plant, and process.

This position is built for a technologist with exceptional breadth and depth — someone who thrives in complex enterprise environments, influences at the highest levels, and is hands-on when needed.

🔧 Core Responsibilities

1. Enterprise & Cloud Security Architecture

• Define and maintain enterprise-wide security architecture covering cloud (AWS/GCP/Azure), hybrid and on‑prem ecosystems.
• Establish end‑to‑end security blueprints, guardrails, and standards for application, infrastructure, network, and data platforms.
• Drive Zero‑Trust adoption (identity-first, least privilege, micro‑segmentation, continuous verification).
• Architect secure landing zones, VPC/VNET segmentation, WAF strategies, cloud-native security controls, and E2E encryption architectures.

2. Network & Infrastructure Security

• Design secure network architectures including SD‑WAN, micro‑segmentation, network access control, and secure remote operations.
• Lead architecture for firewalls, IPS/IDS, DDoS, secure gateways, service mesh security, and API security frameworks.
• Evaluate and integrate modern network security technologies such as SASE, SSE, ZTNA, and DNS security.

3. OT Security Architecture

• Build and mature OT/ICS cybersecurity architecture across plants, factories, connected assets, and SCADA systems.
• Apply IEC 62443 practices, Purdue Model segmentation, and secure remote maintenance frameworks.
• Lead threat modeling and risk assessments for manufacturing and industrial systems.
• Implement OT-specific monitoring (ICS SOC), anomaly detection, asset discovery, and secure vendor connectivity.

4. DevSecOps, Automation & Platform Security

• Embed security toolchains into CI/CD pipelines and standardize SAST, DAST, SCA, container, and IaC security.
• Define “Policy as Code” using OPA, Sentinel, and automation workflows for continuous compliance.
• Architect container, Kubernetes, and service mesh security for modern platforms.

5. IAM, PAM & Identity Security

• Architect enterprise identity models, federation, SSO, MFA, adaptive authentication, and privilege access strategy.
• Mature CIAM, IAM governance, Just‑In‑Time access, and role engineering.

6. AI, Data & Next-Gen Security

• Develop AI security models including securing LLM workflows, model endpoints, training data and inference APIs.
• Build guardrails to mitigate AI-specific risks such as hallucinations, prompt manipulation, data leakage, and model poisoning.
• Define security patterns for data lakes, analytics platforms, and ML pipelines.

7. Architecture Governance & Technical Leadership

• Lead reviews through Architecture Review Boards and guide teams on secure engineering best practices.
• Mentor engineering and security teams, evangelize secure-by-design culture, and provide direction during high-severity incidents.
• Influence stakeholders at all levels with data-driven, risk-balanced recommendations.

🎯 Minimum Qualifications

• 12–15+ years of experience in security architecture across complex enterprise environments.
• Deep functional and hands-on expertise in network security, cloud security, OT/ICS security, and platform security.
• Strong experience designing enterprise-grade solutions in AWS, Azure, or GCP.
• Practical knowledge of container security, PKI, secrets management, encryption techniques, and API security.
• Solid experience in threat modelling (STRIDE, PASTA) and architecture-level risk assessments.
• Strong scripting/automation skills (Python, Bash, PowerShell, Go).

💡 Preferred Qualifications

• Experience in highly regulated industries (BFSI, Mobility, Automotive, Manufacturing, Healthcare, etc.).
• Certifications such as CISSP, CCSP, CSSLP, SANS GIAC, AWS/Azure/GCP Specialties.
• Experience with AI/ML security, secure model lifecycle management, and data protection for AI workloads.
• Hands-on knowledge of ICS/OT security frameworks (NIST 800-82, IEC 62443).
• Familiarity with enterprise architecture frameworks (TOGAF, SABSA) is a plus.

🧠 Key Competencies

• Architectural Mindset: Ability to design scalable, future-ready enterprise security frameworks.
• Technical Depth: Strong command of modern security technologies and engineering patterns.
• Leadership & Influence: Ability to guide diverse teams without authority and simplify complex technical issues.
• Strategic Thinking: Balance risk, operational velocity, and business outcomes.
• Continuous Innovator: Passionate about emerging technologies, AI, automation, and advanced threats.

🔥 What Makes This Role Exciting

• Direct impact on enterprise-wide architecture and cyber maturity.
• Work across IT, OT, Cloud, AI, IoT, Connected Products, Manufacturing, and Digital Engineering.
• Influence executive decisions in a high-visibility role.
• Blend of visionary strategy + deep hands-on engineering.
• Opportunity to shape the future of secure digital transformation.