AppSec Jobs

Nagarro

Associate Principal Engineer, Cloud Security

Location: Remote (Sri Lanka)

Posted 1 week ago

At a Glance

Python, Kubernetes, Docker, NIST, ISO 27001, PCI DSS

About This Role

We are seeking an experienced Cyber Security Architect to design, implement, and continuously improve the security architecture across our enterprise systems, cloud environments, and application ecosystem. The role requires strong expertise in secure design principles, threat modeling, cryptographic systems, hardware security module (HSM) operations, and the evaluation of software integrations for security and compliance.

Must-have skills: Cyber Risk Management; Technology Architect - Governance and Compliance; Cloud Security.

Good-to-have skills: Security Roadmapping; Code Security Review.

Responsibilities

  • Develop and maintain enterprise level security architecture, reference models, and security patterns.
  • Conduct threat modeling (using STRIDE, DREAD, LINDDUN, or similar methodologies) for applications, APIs, and infrastructure.
  • Review high level and low level solution designs for security gaps and recommend mitigations.
  • Define secure coding guidelines and assist development teams in secure implementation.
  • Manage and operate HSMs (Thales, nCipher, Azure Key Vault Managed HSM, AWS CloudHSM, etc.).
  • Oversee key lifecycle operations: generation, rotation, storage, distribution, and decommissioning.
  • Implement and enforce cryptographic standards (AES-256, RSA 2048/4096, ECC, TLS 1.2/1.3, etc.).
  • Integrate HSMs into application workflows and enterprise systems.
  • Validate third party and internal software integrations for compliance (ISO 27001, PCI DSS, SOC 2, local regulatory standards).
  • Perform architectural risk assessments and oversee secure onboarding of vendors and SaaS platforms.
  • Ensure alignment of solutions with Zero Trust principles and enterprise security policies.
  • Architect secure solutions in cloud environments (Azure, AWS, GCP).
  • Define IAM, network segmentation, encryption, and logging strategies.
  • Evaluate and enhance container and Kubernetes security.
  • Contribute to incident response planning and root cause analysis.
  • Maintain security documentation, roadmaps, and architectural standards.
  • Collaborate closely with DevOps, development, networking, and governance.

Requirements

NIST, DevSecOps, Docker, Kubernetes, SAST, DAST, SCA, Python
  • 7 to 12 years of total experience in cyber security, information security, or related fields
  • 3 to 5 years specifically in security architecture or security engineering roles
  • Hands on experience with enterprise security tools, cloud security configurations, and security frameworks
  • Experience working in regulated or compliance driven environments (e.g., PCI DSS, ISO 27001, GDPR, KSA regulatory requirements)
  • Bachelor's or Master's degree in Computer Science, Cyber Security, Information Systems, or a related field (or equivalent practical experience)
  • Knowledge of security architecture frameworks (SABSA, TOGAF, NIST CSF, NIST SP 800-53)
  • Proficiency in threat modeling and secure design methodologies
  • Hands on experience with HSMs, cryptography, and key management systems
  • Deep understanding of IAM, network security, cloud security, and API security
  • Experience with secure SDLC and DevSecOps practices
  • Knowledge of SIEM, SOAR, endpoint security, and vulnerability management tools
  • Ability to evaluate software for regulatory compliance and conduct risk assessments
  • Strong documentation and communication skills
  • Experience with microservices security, container security (Docker, Kubernetes)
  • Familiarity with SAST, DAST, SCA, and IaC security scanning tools
  • Knowledge of PKI, certificate management systems, and digital signatures
  • Experience in payments security, tokenization, or financial industry standards
  • Exposure to OT/IoT security
  • Scripting/automation skills (Python, PowerShell, Bash)
  • Understanding of Zero Trust and Secure Access Service Edge (SASE) architectures

About Nagarro

Nagarro SE is a Munich-based IT service provider that specializes in digital product engineering and technology services, including AI-driven solutions. Founded in the mid-1990s in India, the company has grown significantly, merging with Allgeier SE in 2011 and later becoming an independent entity listed on the Frankfurt Stock Exchange in December 2020. With around 18,000 employees across 36 countries, Nagarro aims to reach $10 billion in revenue within the next decade, driven by AI adoption. The company focuses on designing, developing, and implementing custom software solutions tailored to specific business needs. Its core offerings include insights suites for various executive levels and a range of AI and technology services. Nagarro serves diverse industries such as automotive, banking, healthcare, and telecommunications, operating with a unique culture that promotes creativity and agility through small, collaborative teams. The company has received several awards for its achievements and emphasizes social initiatives within its community.

Industry

Information technology & services

Employees

18,000 (9,647 engineers)

Revenue

$1.0B

Security at Nagarro

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

Security Philosophy

  • Nagarro's philosophy centers on embedding security throughout the development lifecycle to establish a secure Software Development Lifecycle (SDLC).
  • They advocate for a 'secure-by-design' approach, integrating security best practices into requirements, design, and code reviews.
  • Their methodology is explicitly aligned with OWASP guidelines to ensure resilience and early vulnerability detection.

Security Team

Nagarro utilizes dedicated teams to manage cybersecurity projects end-to-end for their clients. Public job listings indicate the presence of roles such as Senior Staff Engineer and Cyber Security Senior Consultants who guide teams in security testing. However, specific internal reporting lines (e.g., to CISO or CTO) and the names of top internal AppSec leaders are not publicly available.

Key Initiatives

Current initiatives include establishing and maintaining secure SDLCs for clients, which involves reviewing designs and monitoring more than 500 application changes annually. They manage remediation of more than 100 vulnerabilities per year and conduct regular VAPT, SAST, and DAST. There is no public evidence of an internal 'Security Champions' program.
