Principal Security Architect Risk & Infosec Job in M2p Solutions Private Limited

Experience: 8-12 years

What You ll Do:

• Develop and execute a holistic application and cloud security strategy aligned with industry best practices and regulatory requirements.
• Lead a team of security professionals responsible for assessing, testing, and securing our applications and cloud environments.
• Collaborate closely with software development and cloud engineering teams to embed security into the development and deployment lifecycle (DevSecOps), including secure coding practices, vulnerability assessments, and cloud security controls.
• Lead security reviews and audits of our systems, networks, and applications.
• Provide strategic guidance and recommendations to executive leadership on security investments, priorities, and initiatives.
• Serve as a subject matter expert and advisor to executive leadership on application and cloud security matters communicating security risks and strategies effectively.
• Conduct regular risk assessments and security audits of our application and cloud infrastructure, identifying vulnerabilities and recommending remediation measures.
• Oversee the implementation and management of security controls and technologies to protect against internal and external threats targeting our applications and cloud services.
• Provide guidance and support to project teams in implementing secure cloud architectures and ensuring compliance with security policies and standards.
• Stay abreast of emerging threats and security trends in application and cloud security, proactively adapting security measures to mitigate risks.
• Implement and manage security controls, technologies, and best practices to protect against internal and external threats targeting applications and cloud services.
• Ensure compliance with security policies, standards, and regulatory requirements related to application and cloud security.

What you need to have?

• Bachelor's / master s degree in computer science, Information Security, or a related field; advanced degree preferred.
• Proven experience (7+ years out of 12+ years) in a senior leadership role within application and cloud security, with a strong background in implementing effective security strategies across diverse environments.
• Deep understanding of cloud technologies (e.g., AWS, Azure, GCP) and cloud security best practices.
• Strong knowledge of software development methodologies and secure coding principles, with experience in DevSecOps practices and tools as follows [ Gitleaks, SonarQube, Dependnecy Track, Terrascan, OWASP ZAP, Mobsf, Defect Dojo and RHACS ]
• Experience of Threat Modelling against any 1 or multiple of the following standards: Stride, Dread, Pasta and Attack Trees for Cloud, API, Mobile Application are preferred.
• Expertise and deep understanding on CNAPP [ CPSM, CWPP, CIEM].
• Expertise in Vulnerability life cycle related with PCI DSS, PCI 3DS and SOC2 etc
• Deep understanding and hands on Fortify, Tenable and Burp Suite preferred.
• Expertise in industry standards and frameworks related to application and cloud security (e.g., OWASP, CIS Benchmarks, CSA Cloud Controls Matrix).
• Experience leading and managing a team of security professionals, fostering a culture of collaboration and continuous improvement.
• Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels of the organization.
• Relevant certifications (e.g., CISSP, CCSP, CISM) preferred.
• Proven track record of driving security initiatives and achieving measurable outcomes in a complex and dynamic environment.

Who We Are: Home(m2pfintech.com)

Founded in the year 2014 and headquartered in Chennai, M2P Fintech is Asia s largest API infrastructure company offering a wide gamut of services that enable businesses of any scale to embed financial services.

M2P Fintech is an omni-channel platform that operates in over 20 markets across the Asia Pacific, MENA, and Oceania regions. M2P works with over 100+ banks, 100+ NBFCs, and has clocked over 600+ Fintech engagements across various industries serving over 35 million end users.

M2P pioneers in next-gen fintech through innovative offerings across the payments, lending, and banking ecosystem. Our comprehensive tech-stack powers the core banking system, core lending suite, BNPL, customized credit cards, prepaid cards, and much more.

M2P is backed by reputed investors fintech industry veterans (such as Amrish Rau PayU, Kunal Shah CRED, Jitendra Gupta Jupiter, etc) as well as reputed international venture capital funds (such as Insight Partners, MUFG, Tiger Global, Beenext, Flourish Ventures and Omidyar Network).

Why Join Us:

We are a Fun bunch to be with..!