Security Operations & Security Architecture Lead

Role summary:

Own and elevate both day-to-day security operations and forward-looking security architecture for a large telecom environment.

Run high-availability security programs (e.g., SOC, EDR, AppSec, VAPT) with operational rigor, while designing next-gen controls for emerging platforms and threats (e.g., AI security, post-quantum cryptography, cloud-native).

A. Technical Accountabilities

1. Security Operations (Always-On)
2. 1.a Oversight and strategic guidance for a 247 SOC with tiered response, playbooks, KPIs, and continuous tuning of SIEM/SOAR.
3. 1.b Drive endpoint protection and EDR, threat intel, incident handling, and post-incident RCA with measurable MTTA/MTTR improvements.
4. Application & Product Security (Shift-Left + Runtime)
5. 2.a Oversight and strategic guidance for a secure SDLC with SAST/DAST program involving dependency scanning, and SBOM.
6. 2.b Build a pragmatic and engineering-friendly vulnerability remediation model; block high-risk releases by policy, not by surprise.
7. Vulnerability & Exposure Management
8. 3.a Pragmatic approach to vulnerability management across app, infra and containers, with the end goal of reducing likelihood of exploitation along with minimal downtime.
9. 3.b Implement risk-based patching and virtual patching (IPS/WAF/EDR policy) to cut exposure when downtime is constrained.
10. Cloud & Platform Security
11. 4.a Deliver CNAPP (CSPM/CWPP), OpenShift hardening, container scanning, and IaC guardrails.
12. Architecture & Emerging Threats
13. 5.a Define and deploy zero-trust reference architectures spanning IT, cloud, and edge.
14. 5.b Lead AI security: model/data/agent protections, prompt/guardrail controls, model provenance, and red teaming.
15. 5.c Lead the quantum-risk roadmap: crypto inventory, agility, and transition to PQC for long-lived data/links.

B. Non-Technical & Leadership Accountabilities

1. Stakeholder Management
2. 2.a Partner with engineering to reduce toil (e.g., virtual patching, safe defaults, golden paths).
3. 2.b Align with product, legal, privacy, and network teams; translate risk into business terms.
4. Strategy & Roadmapping
5. 3.a Maintain a rolling 1224 month security roadmap covering ops, architecture.
6. People & Culture
7. 4.a Build and mentor a high-caliber team; succession planning for critical roles.
8. 4.b Raise the bar on secure by default through enablement, docs, and incentives.
9. Communication & Executive Presence
10. 6.a Clear narrative for the board/CXO on threats, posture, and trade-offs.
11. 6.b Calm crisis leadership during incidents; crisp, timely updates.

Qualifications

1. 15+ years in cybersecurity with deep experience across SecOps and security architecture; at least 5 years leading managers.
2. Telecom-scale background preferred (high-throughput networks, 5G core, OSS/BSS, large consumer base).
3. Proven delivery running SOC/EDR, VAPT, and AppSec in complex, hybrid environments.
4. Hands-on familiarity with AWS/GCP, OpenShift, service mesh, APIs, and modern data/ML stacks.
5. Certifications a plus: CISSP, CISM, CCSP/CCSK, GIAC (e.g., GCIA/GCED/GCSA), OSCPvalued but not a substitute for real outcomes.
6. Excellent written/spoken communication; ability to influence senior engineering and business leaders.

Interview Signals We'll Look For

1. Operational depth: concrete stories improving SOC signal-to-noise, stopping real incidents, reducing toil.
2. Architectural judgment: intelligent trade-offs in security vs agility.
3. Leadership: building teams, influencing peers, running tough programs without heroics.

Forward-thinking: practical plans for AI security and quantum risk that