Job Title: Principal Security Architect

Location: Mumbai /Chennai/Bangalore

1         Job Description

1.1                       Overview

DNEG’s expanding Information Security (InfoSec), Governance, Risk and Compliance (GRC), and Data Privacy programs require a seasoned Principal Security Architect to lead the secure design and governance of security architecture. This role supports DNEG’s strategic priorities in AI innovation, product development, and cloud transformation, while ensuring security is embedded across all platforms, systems, and services.

The ideal candidate will guide secure design practices across cloud, application, data, and AI environments, collaborating with engineering, product, and operations teams. This role will help ensure confidentiality, integrity, and availability of systems and content—particularly in support of client requirements and frameworks such as ISO 27001, TPN, and GDPR.

1.2                       Mandatory Requirements and Expectations

An experienced individual is required who can:

• Lead enterprise security architecture across infrastructure, applications, AI/ML, and data systems
• Apply secure design frameworks such as OWASP SAMM, ASVS, MITRE ATLAS, and Zero Trust principles
• Work closely with engineering and AI teams to integrate security into product and model lifecycles
• Architect solutions for IAM, cloud controls, data protection, and application security
• Guide secure integration of external vendors and platforms, managing third-party risk
• Contribute to architectural governance, incident response planning, and secure operations
• Ensure alignment with DNEG’s compliance obligations and client content protection requirements

2         Duties and Operational Responsibilities

• Define and maintain enterprise security architecture standards, blueprints, and reference models
• Lead threat modeling and security reviews across critical systems, products, and AI models
• Collaborate with engineering, MLOps, and product teams to ensure secure SDLC and CI/CD processes
• Collaborate with IT to architect IAM capabilities including SSO, MFA, role-based access, and privileged access controls
• Promote secure data design including encryption, tokenization, and classification
• Guide secure integration and onboarding of third-party tools, APIs, and platforms
• Support security operations with architecture for monitoring, detection, and incident response
• Participate in client assessments, internal audits, and TPN evaluations

3         Job Requirements

3.1                       Mandatory Job Requirements

A successful candidate will meet the majority of the requirements listed below and will be able demonstrate suitable experience in competencies in each of the following:

• 10+ years of experience in cybersecurity, with 5+ years in architecture or engineering leadership
• Experience across enterprise security domains: cloud, application, AI/ML, identity, data, and infrastructure
• Proven use of frameworks including OWASP SAMM, ASVS, MITRE ATLAS, and Zero Trust
• Deep understanding of secure development practices, threat modeling, and API security
• Familiarity with AI/ML security threats including prompt injection, model manipulation, and adversarial risks
• Strong understanding of compliance drivers such as ISO 27001, GDPR, and TPN
• Excellent communication and stakeholder management across technical and business teams

3.2                       Desired Job Requirements

A successful candidate will have experience with the desired requirements listed below and will be able demonstrate suitable experience in competencies in each of the following:

• Familiarity with tools for SAST, DAST, SCA, CSPM, CWPP, CNAPP, IaC scanning, and container security (e.g., Kubernetes)
• Experience with incident response design, logging architecture, and SIEM/SOAR integration
• Knowledge of frameworks such as NIST, SABSA, and secure infrastructure reference models
• Experience supporting media and entertainment platforms and securing high-value IP workflows

3.3                       Education

• A bachelor’s degree in Computer Science, Cybersecurity, or related field is preferred
• Certifications such as CISSP, CCSP, OSWE, or Cloud Security Architect are strongly preferred
• Training or experience with AI Security, OWASP frameworks, or enterprise architecture methodologies is a plus