Skip to main content
Back to jobs

Senior Product Security Architect

External
cubic logoCubic · Hyderabad Aparna, India
Full-timeOn-siteToday
Application SecurityAWSAzureCI/CDCloud SecurityCompliance
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

Responsibilities

  • Security Architecture & Strategy
  • Define and implement product security architecture frameworks and standards.
  • Integrate Security-by-Design and Privacy-by-Design principles into all products.
  • Establish a long-term product security roadmap aligned with business strategy.
  • Lead threat modeling and risk assessments for critical products and platforms.
  • Provide architectural guidance for: Cloud-native applications
  • Microservices and APIs
  • SaaS and enterprise platforms
  • Drive adoption of security frameworks including: NIST Secure Software Development Framework (SSDF) - NIST SP 800-218
  • OWASP SAMM (Software Assurance Maturity Model)
  • Secure SDLC (Software Development Lifecycle)
  • Design and implement a Secure SDLC (SSDLC) framework across teams.
  • Embed security controls across: Design
  • Development
  • Testing
  • Deployment
  • Define and enforce: Secure coding standards
  • Secure coding practices
  • DevSecOps integration
  • Ensure adoption of: SAST (Static Application Security Testing)
  • DAST (Dynamic Application Security Testing)
  • SCA (Software Composition Analysis)
  • Penetration Testing frameworks
  • Establish security maturity metrics and SSDLC governance aligned with NIST SSDF and OWASP SAMM.
  • Engineering & DevSecOps Enablement
  • Partner with engineering teams to shift security left.
  • Drive adoption of DevSecOps practices and automation.
  • Enable teams through: Security training and awareness
  • Secure coding guidelines
  • Architecture reviews
  • Implement and govern CI/CD security controls and secure pipeline configurations.
  • Act as a trusted advisor to engineering leadership.
  • Vulnerability & Risk Management
  • Oversee application and product vulnerability management lifecycle.
  • Define prioritization frameworks based on: Risk severity
  • Business impact
  • Drive remediation programs and SLAs.
  • Conduct: Penetration testing reviews
  • Security assessments
  • Interpret and prioritize findings from SAST, DAST, SCA, and penetration testing activities.
  • Cloud & Infrastructure Security
  • Provide security architecture for: AWS / Azure / GCP environments
  • Container security (Docker, Kubernetes)
  • Define controls for: Identity & Access Management (IAM)
  • Data protection (encryption, key management)
  • Network security
  • Regulatory Compliance & Governance
  • Ensure compliance with industry standards: ISO 27001
  • SOC 2
  • GDPR and Data Privacy regulations
  • Implement audit-ready processes and controls.
  • Partner with risk teams for: Security audits
  • Compliance assessments
  • Leadership & Stakeholder Management
  • Lead and mentor a team of Product Security Engineers and Architects.
  • Collaborate with: Engineering leadership
  • Product management
  • Cybersecurity teams
  • External vendors and partners
  • Influence senior stakeholders on: Security investments
  • Risk posture
  • Strategic priorities
  • Incident Readiness & Response
  • Support security incident handling related to product vulnerabilities.
  • Define incident response playbooks for product security risks.
  • Conduct post-incident reviews and improve controls.
  • Required Qualifications
  • Education
  • Bachelor's or Master's degree in: Computer Science
  • Information Security
  • Engineering
  • Related field

Requirements

  • 12-18+ years of experience in: Application Security
  • Product Security
  • Security Architecture
  • DevSecOps
  • Proven experience in a leadership role (Senior Manager / Architect level).
  • Hands-on expertise in: Secure application design
  • Threat modeling
  • Secure SDLC implementation
  • Technical Skills
  • Strong knowledge of:
  • OWASP Top 10
  • Secure coding standards
  • API security
  • NIST Secure Software Development Framework (SSDF) - SP 800-218
  • OWASP SAMM (Software Assurance Maturity Model)
  • Experience with:
  • Cloud security (AWS / Azure / GCP)
  • Container and Kubernetes security
  • CI/CD pipelines and DevOps tools
  • Implementation of CI/CD security controls and secure pipelin

Additional Information

Business Unit: Cubic Transportation Systems Company Details: When you join Cubic, you become part of a company that creates and delivers technology solutions in transportation to make people's lives easier by simplifying their daily journeys, and defense capabilities to help promote mission success and safety for those who serve their nation. Led by our talented teams around the world, Cubic is committed to solving global issues through innovation and service to our customers and partners. We have a top-tier portfolio of businesses, including Cubic Transportation Systems (CTS) and Cubic Defense (CD). Explore more on Cubic.com. Job Details: Summary: We are seeking a highly experienced Senior Product Security Architect who will be responsible for embedding security into the entire product lifecycle-from design to deployment-while enabling secure innovation at scale. As a senior leader, you will define the product security strategy, influence engineering practices, and ensure security is a core pillar of product development rather than an afterthought. You will partner closely with engineering, DevOps, cloud, and business leaders to mitigate risks while accelerating delivery.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at cubic? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect