Job Title

Role Title: Cybersecurity Architect & Delivery Manager (Cloud/Hybrid, GRC Controls)Location: M.G. Road, Bengaluru (Hybrid - 3 days WFO)Working Hours: 9 PM to 6 AM IST (24/7 environment)Company: TRUGlobal IT ServicesCustomer: Global Medical Device Manufacturing OrganizationPrimary domain: Enterprise Cybersecurity Architecture + Security Engineering Delivery + Compliance/GRC across cloud (Azure/AWS), hybrid, and on-prem.Key Responsibilities 1. Technical SolutioningDesign & Blueprinting: Create scalable security architecture blueprints for cloud (Azure/AWS), hybrid, and on-prem environments.Tool Orchestration: Lead the integration between core security stacks, including XSIAM/SIEM, SASE, EDR, and IAM/PAM solutions Security-by-Design: Serve as the technical lead for new IT projects, ensuring security requirements are embedded in the design phase.2. Hands-on Gap Analysis & RemediationTechnical Gap Assessments: Perform deep-dive technical audits of existing infrastructure to identify security /"leaks/" or configuration drifts.Threat Modeling: Conduct architectural threat modeling to anticipate attack vectors and design preemptive technical defenses.Hands-on Execution: Direct involvement in the configuration and deployment of security tools (e.g., tuning WAF rules, configuring MDM policies, or scripting automation in Python/PowerShell).3. Compliance & Control ManagementGovernance Oversight: Manage the full lifecycle of IT security controls to ensure continuous compliance with HIPAA, GDPR, SOX, and ISO 27001.Evidence Management: Streamline the collection and delivery of audit evidence using GRC platforms and automated API ingestion.Vulnerability Lifecycle: Oversee technical vulnerability management (Nessus/Qualys), translating raw scan data into prioritized, actionable remediation plans for infra teams.4. Project & Service DeliveryMilestone Management: Lead security delivery workstreams, managing budgets, timelines, and technical resources to ensure 100% project completion.Stakeholder Bridge: Translate complex technical gaps into risk-based business language for executive leadership.Required Qualifications & SkillsTechnical MasteryHands-on Expertise: Proficiency in configuring firewalls (Next-Gen), EDR/XDR, Identity providers (Okta/Azure AD), and Cloud Security (CSPM/CWPP).Architecture: Strong understanding of Zero Trust Architecture (ZTA) and SASE frameworks.Scripting: Ability to automate routine security tasks using PowerShell, Python, or Bash.Compliance & AuditFramework Knowledge: Expert-level understanding of NIST CSF, SOC2, and CIS Benchmarks.Audit Experience: Proven track record of leading technical teams through rigorous external audits (SOX/HIPAA).Experience & CertificationsExperience: 10+ years in Cybersecurity, with at least 3 years in a Delivery or Architecture lead role.Certifications: CISSP (required), plus one or more of: AWS/Azure Security Architect, CISM, CISA, TOGAFManagerial Experience : Team Oversight: Manage and mentor a team of Security Engineers, Analysts, and Compliance Officers.Monitoring & Tracking: Ability to monitor and track team members, assign and track projects/ tasks, document regular status updates and present Cybersecurity KPI’s to management bi-weekly/ monthlyPerformance Indicators (KPIs)Gap Closure: 90% remediation of /"High/" and /"Critical/" technical gaps within 60 days of discovery.Control Compliance: 100% /"Healthy/" status for mandated IT security controls across the enterprise.Project Velocity: Delivery of security architecture projects within +/- 10% of scheduled milestones.Operations: Achieving a Mean Time to Contain (MTTC) of Compliance: Zero material findings in annual SOX/ IT Security Controls audits.