Cybersecurity Architect (Infra/GRC)

Mai Labs is a global technology incubator specializing in blockchain infrastructure, Web3 automation, and real-world asset tokenization. Our global product focus is to develop cutting-edge platforms that facilitate blockchain adoption and connect industries, enterprises, and developers.

Our portfolio includes:

• STOEX, a regulated asset tokenization platform.
• Kalp Studio and Kalp Foundation, focused on secure blockchain networks; and
• Kwala, a cross-chain Web3 workflow AI agentic engine.
• Trisori, non-custodial wallet layer with fast APIs, MPC-based security, and multi-chain abstraction.

We emphasize a decentralized and collaborative work culture that fosters autonomy, innovation, and continuous learning

At Mai Labs, technology enables transformative solutions that bridge ideas and real-world outcomes.

If above resonates with you, we will love to have a discussion with you.

Role: Cybersecurity Architect (Infra/GRC)

Location: Noida (WFO) / 5 days

Cybersecurity Architect will own the design, governance, and continuous improvement of the organization's security architecture, GRC framework, and compliance posture. This is a hands-on leadership role requiring deep expertise in cloud and application security, regulatory compliance (ISO, VARA), and audit management, while partnering closely with engineering, product, and compliance stakeholders.

What will you get to do

Design, review, and govern cloud and application security architecture across AWS / hybrid environments, including IAM, network security, SIEM, vulnerability management, endpoint security, and secure SDLC/DevSecOps.

Plan, execute, or oversee red teaming, penetration testing, and adversary simulation exercises, and drive remediation through blue team and engineering collaboration.

Lead GRC and compliance initiatives including ISO 27001, SOC 2, VARA, and regulatory requirements; maintain ISMS, SoA, RTPs, risk registers, and security documentation.

Act as the primary point of contact for internal and external audits, regulators, and third-party assessments, ensuring timely closure of findings.

Own information security policies, incident response, security awareness programs, data protection, and third party/vendor security management.

Collaborate with engineering, cloud, product, legal, and compliance teams to translate security requirements into practical, scalable controls and mentor junior team members.

Skills & Qualifications:

6+ years of experience in cybersecurity with strong hands-on expertise in cloud and application security architecture.

Proven experience with red team / penetration testing engagements, threat modeling, and translating findings into actionable security improvements.

Strong knowledge of AWS/Azure security services, secure SDLC, SOC/MDR operations, and vulnerability management.

Experience supporting compliance-driven or regulated environments (e.g., VARA, financial services, fintech, Web3)

Excellent documentation and communication skills; relevant certifications (CISSP, CISM, CCSP, ISO 27001 LA/LI) preferred.

Hiring Process: 4 rounds of interviews with Function, HR & Senior leaders.