Job Title


Security, governance, and data foundations


Company : iTCart


Location : Bangalore, Karnataka


Created : 2026-01-09


Job Type : Full Time


Job Description

Role Overview

We are seeking a Principal Security & Data Architect to design, govern, and continuously evolve the security, identity, data, and AI trust foundations of our SaaS platform. This role will ensure that security, privacy, and compliance are embedded by design, not retrofitted.

You will act as the final technical authority on:
- Platform security architecture
- Identity & access models
- Data governance & privacy
- AI safety & compliance
- Enterprise and regulatory readiness

This role partners closely with the Chief / Product Platform Architect, Engineering Leaders, and Compliance teams to build a secure, scalable, and audit-ready ecosystem.

Key Responsibilities

1. Security & Identity Architecture
- Define end-to-end security architecture for multi-tenant SaaS platforms.
- Design and govern identity and access management (IAM) including:
  - RBAC, ABAC, policy-based authorization
  - Tenant-level isolation strategies
  - Zero-Trust access models
- Own authentication strategies:
  - OAuth2, OIDC, SAML, MFA
  - Passwordless, OTP, federated identity (AAD, Okta, etc.)
- Define secure API standards (JWT, mTLS, token lifecycles).

2. Data Architecture & Governance
- Architect secure, scalable data platforms supporting:
  - Transactional data
  - Analytical data
  - AI/ML pipelines
- Define data classification, retention, encryption, and access policies.
- Ensure data isolation per tenant at logical and physical levels.
- Govern schema evolution, data lineage, and data quality.
- Lead privacy-by-design implementations.

3. AI Security & Trust Foundations
- Define AI governance frameworks including:
  - Model access controls
  - Prompt security
  - Training data compliance
- Ensure ethical AI, explainability, and bias mitigation.
- Design secure architectures for:
  - Vector databases
  - Feature stores
  - Model inference pipelines
- Implement privacy-preserving AI techniques (masking, anonymization, tokenization).

4. Compliance, Risk & Governance
- Lead platform readiness for:
  - SOC 2
  - ISO 27001
  - GDPR, DPDP, HIPAA (where applicable)
- Define audit logging, traceability, and forensics standards.
- Own risk assessments, threat modeling, and security reviews.
- Partner with Legal & Compliance for policy enforcement.
- Establish governance for third-party integrations and vendors.

5. Platform Resilience & Security Engineering
- Define security patterns for:
  - Microservices
  - Event-driven architectures
  - Cloud-native deployments
- Lead secure SDLC practices:
  - SAST, DAST, dependency scanning
  - Secrets management
  - CI/CD security controls
- Define incident response, DR, and BCP strategies.
- Ensure platform resilience, availability, and observability.

6. Leadership & Influence
- Act as principal technical advisor on security and data.
- Mentor architects, senior engineers, and security champions.
- Review and approve high-risk architectural decisions.
- Drive security culture across engineering teams.
- Collaborate with Product, Platform, and Infrastructure leaders.

Required Experience & Skills

Experience
- 12–18+ years in software architecture, security, and data platforms.
- Proven experience designing enterprise SaaS platforms.
- Hands-on experience with identity systems, access control, and policy engines.
- Experience supporting compliance audits and enterprise customers.
- Prior experience in AI-enabled or data-intensive platforms.

Technical Expertise
- Security: IAM, OAuth2, OIDC, JWT, mTLS, Zero Trust
- Data: PostgreSQL, NoSQL, Data Lakes, Warehouses
- AI/Data: Vector DBs, ML pipelines, feature stores
- Cloud: AWS / Azure / GCP security services
- DevSecOps: CI/CD security, secrets management
- Architecture: Microservices, event-driven, API-first systems

Soft Skills & Mindset
- Strong architectural judgment and risk-based thinking
- Ability to say “no” when security or data integrity is compromised
- Excellent communication with technical and non-technical stakeholders
- Systems thinker with long-term platform vision
- Pragmatic — balances security with product velocity

What Success Looks Like
- Security incidents are rare, contained, and well-handled
- Platform passes audits with minimal remediation
- Developers build securely by default
- Customers trust the platform with sensitive enterprise data
- AI systems are explainable, compliant, and safe

Nice to Have
- Experience in BFSI, HealthTech, or regulated industries
- Contributions to security standards or open-source
- Prior role as Chief Security Architect or Principal Architect