Principal Security Architect

DNEG • Remote (Bengaluru, Karnataka, India) • 9h ago

Job Title: Principal Security Architect

Location: Bangalore

Overview

DNEG’s expanding Information Security (InfoSec), Governance, Risk and Compliance (GRC), and Data Privacy programs require a seasoned Principal Security Architect to lead the secure design and governance of security architecture. This role supports DNEG’s strategic priorities in AI innovation, product development, and cloud transformation, and will play a key role in enabling AI-driven security capabilities, including the development of automation, intelligent tooling, and AI-enabled security workflows. The role will combine strategic architecture with hands-on engineering to help build scalable security capabilities, including AI-assisted security operations and internal security automation.

The ideal candidate will guide secure design practices across cloud, application, data, and AI environments, collaborating with engineering, product, and operations teams. This role will help ensure confidentiality, integrity, and availability of systems and content—particularly in support of client requirements and frameworks such as ISO 27001, TPN, and GDPR.

Mandatory Requirements and Expectations

An experienced individual is required who can:

Lead enterprise security architecture across infrastructure, applications, AI/ML, and data systems
Apply secure design frameworks such as OWASP SAMM, ASVS, MITRE ATLAS, and Zero Trust principles
Work closely with engineering and AI teams to integrate security into product and model lifecycles
Architect solutions for IAM, cloud controls, data protection, and application security
Guide secure integration of external vendors and platforms, managing third-party risk
Contribute to architectural governance, incident response planning, and secure operations
Ensure alignment with DNEG’s compliance obligations and client content protection requirements
Design and build security automation and AI-assisted tooling to streamline security architecture, threat modeling, and operational workflows
Partner with AI engineering teams to design secure AI systems and enable safe use of AI agents across internal platforms
Develop or prototype internal security tools, automation frameworks, and AI-driven workflows to improve security efficiency and scale

Duties and Operational Responsibilities

Define and maintain enterprise security architecture standards, blueprints, and reference models
Lead threat modeling and security reviews across critical systems, products, and AI models
Collaborate with engineering, MLOps, and product teams to ensure secure SDLC and CI/CD processes
Collaborate with IT to architect IAM capabilities including SSO, MFA, role-based access, and privileged access controls
Promote secure data design including encryption, tokenization, and classification
Guide secure integration and onboarding of third-party tools, APIs, and platforms
Support security operations with architecture for monitoring, detection, and incident response
Participate in client assessments, internal audits, and TPN evaluations
Identify opportunities to leverage AI and automation to improve security processes such as threat modeling, architecture reviews, risk analysis, and detection engineering
Contribute to the design of secure AI agents and automation platforms used within the security and engineering organizations

Prototype and guide development of internal security tooling and AI-assisted workflows

Job Requirements

Mandatory Job Requirements

A successful candidate will meet the majority of the requirements listed below and will be able demonstrate suitable experience in competencies in each of the following:

10+ years of experience in cybersecurity, with 5+ years in architecture or engineering leadership
Experience across enterprise security domains: cloud, application, AI/ML, identity, data, and infrastructure
Proven use of frameworks including OWASP SAMM, ASVS, MITRE ATLAS, and Zero Trust
Deep understanding of secure development practices, threat modeling, and API security
Familiarity with AI/ML security threats including prompt injection, model manipulation, and adversarial risks
Strong understanding of compliance drivers such as ISO 27001, GDPR, and TPN
Excellent communication and stakeholder management across technical and business teams

Desired Job Requirements

A successful candidate will have experience with the desired requirements listed below and will be able demonstrate suitable experience in competencies in each of the following:

Familiarity with tools for SAST, DAST, SCA, CSPM, CWPP, CNAPP, IaC scanning, and container security (e.g., Kubernetes)
Experience with incident response design, logging architecture, and SIEM/SOAR integration
Knowledge of frameworks such as NIST, SABSA, and secure infrastructure reference models
Experience supporting media and entertainment platforms and securing high-value IP workflows.
Experience building internal engineering tools, security automation frameworks, or developer security platforms
Experience using AI/LLM frameworks (LangChain, OpenAI APIs, etc.) to build internal tooling or automation workflows
Familiarity with AI agent frameworks and AI-assisted engineering workflows
Experience integrating security into AI engineering pipelines and MLOps platforms

Education

A bachelor’s degree in Computer Science, Cybersecurity, or related field is preferred
Certifications such as CISSP, CCSP, OSWE, or Cloud Security Architect are strongly preferred
Training or experience with AI Security, OWASP frameworks, or enterprise architecture methodologies is a plus