Posted 1mo ago

Staff Security Architect

@ Yum! Brands
Gurgaon
Hybrid, Full Time
Responsibilities: Lead design, define patterns, facilitate reviews
Requirements Summary: BE/BTech in cybersecurity or related field; 12-15 years in security architecture; hands-on cloud security; familiar with security frameworks; strong communication; certifications preferred.
Technical Tools Mentioned: AWS, Azure, GCP, IAM, Zero Trust, NIST 800-53/TOGAF, ISO 27001, SABSA, CIS Controls, SIEM, XDR, PAM, SSO, MFA, RBAC, DevSecOps, CI/CD, SAST, DAST, IaC
Job Description

Responsibilities

Security Architecture & Design
•    Lead design of secure architectures for cloud-native, hybrid, and on-premises platforms supporting EMEA delivery teams. 
•    Define reusable security patterns and standardized controls aligned to global reference architectures, with EMEA-specific implementation guidance where needed. 
•    Facilitate architecture reviews, threat modeling sessions, and technical risk assessments across distributed teams. 
 

Cloud Security & DevSecOps
•    Champion secure practices and guardrails in AWS, Azure, and GCP environments; guide integration of security into CI/CD pipelines (SAST, DAST, IaC scanning, etc.). 
•    Provide leadership in secure containerization, workload protection, and secrets management patterns suited for globally standardized platforms. 
 

Identity & Access Management / Zero Trust
•    Drive adoption of Zero Trust principles and modern IAM practices, partnering on SSO, MFA, RBAC, and PAM controls. 
 

Data & Network Security
•    Lead architecture efforts for data protection strategies (classification, encryption, tokenization) and guide secure network design and segmentation. 
•    Support implementation of detection and monitoring capabilities (SIEM, XDR, etc.). 
 

Risk Management & Compliance Alignment (EMEA lens)
•    Partner with GRC and legal stakeholders to align architecture with regulatory and risk frameworks (including PCI, SOX, GDPR) and recommend mitigations aligned to business risk. 
•    Incorporate EMEA-relevant regulatory/security frameworks into solution design and documentation, such as:
o    EU GDPR / UK GDPR (privacy-by-design, cross-border transfers, data minimization)
o    NIS2 (where applicable for critical entities and supply chain risk)
o    DORA (where applicable for ICT risk management expectations in financial contexts)
o    ISO/IEC 27001/27002, NIST 800-53 / 800-207, CIS Controls, and cloud control frameworks such as CSA CCM (as relevant) 
 

Strategic Initiatives & Operating Model 
•    Drive security architecture roadmap initiatives and represent security architecture in enterprise forums with strong written artifacts and asynchronous collaboration. 
•    Mentor engineers and junior architects through patterns, reference architectures, and repeatable guardrails.
 

Qualifications

Minimum Requirements:
•    BE / BTECH with degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience. 
•    12-15 years in security architecture, cloud security, or enterprise security engineering roles; experience leading complex projects or architecture workstreams. 
•    Hands-on expertise with AWS/Azure/GCP security capabilities; strong grasp of IAM, Zero Trust, data protection, and cloud-native security tooling. 
•    Familiarity with security frameworks and architectural methodologies (NIST 800-53/207, ISO 27001, TOGAF, SABSA) and ability to apply them pragmatically across distributed teams. 
•    Strong written and verbal communication skills; ability to influence technical and non-technical stakeholders across time zones.

Preferred Requirements
•    Certifications such as CISSP, CISM, CCSP, cloud security specialties, TOGAF, or SABSA. 
•    Experience in regulated environments (PCI, SOX, GDPR, HIPAA) and practical experience implementing privacy-by-design controls. 
•    Strong DevSecOps and modern SDLC practices in Agile environments.