Associate Principal Engineer, Cloud Security

Nagarro

Cyber Security Architect designing and improving security architecture across enterprise systems for a digital product engineering company. Collaborating with teams to enhance security across cloud environments and applications.

Posted 5/21/2026full-timeRemote • 🇱🇰 Sri LankaJuniorMid-LevelWebsite

Tech Stack

Tools & technologies

AWSAzureCloudCyber SecurityGoogle Cloud PlatformKubernetesSDLCVault

About the role

Key responsibilities & impact

Develop and maintain enterprise level security architecture, reference models, and security patterns.
Conduct threat modeling (using STRIDE, DREAD, LINDDUN, or similar methodologies) for applications, APIs, and infrastructure.
Review high level and low level solution designs for security gaps and recommend mitigations.
Define secure coding guidelines and assist development teams in secure implementation Cryptography & Hardware Security Module (HSM).
Manage and operate HSMs (Thales, nCipher, Azure Key Vault Managed HSM, AWS CloudHSM, etc.).
Oversee lifecycle operations: key generation, rotation, storage, distribution, and decommissioning - Implement and enforce cryptographic standards (AES 256, RSA 2048/4096, ECC, TLS 1.2/1.3, etc.).
Integrate HSMs into application workflows and enterprise systems Compliance & Security Validation.
Validate third party and internal software integrations for compliance (ISO 27001, PCI DSS, SOC 2, local regulatory standards).
Perform architectural risk assessments and oversee secure onboarding of vendors and SaaS platforms.
Ensure alignment of solutions with Zero Trust principles and enterprise security policies Cloud & Infrastructure Security.
Architect secure solutions in cloud environments (Azure, AWS, GCP) - Define IAM, network segmentation, encryption, and logging strategies.
Evaluate and enhance container and Kubernetes security Incident Response & Governance.
Contribute to incident response planning and root cause analysis .
Maintain security documentation, roadmaps, and architectural standards.
Collaborate closely with DevOps, development, networking, and governance.

Requirements

What you’ll need

7 - 12 years of total experience in cyber security, information security, or related fields.
3 - 5 years specifically in security architecture or security engineering roles.
Hands on experience with enterprise security tools, cloud security configurations, and security frameworks.
Experience working in regulated or compliance driven environments (e.g., PCI DSS, ISO 27001, GDPR, KSA regulatory requirements).
Bachelor's or Master's degree in Computer Science, Cyber Security, Information Systems, or a related field (or equivalent practical experience).
Knowledge of security architecture frameworks (SABSA, TOGAF, NIST CSF, NIST 800 53).
Proficiency in threat modeling and secure design methodologies.
Hands on experience with HSMs, cryptography, and key management systems.
Deep understanding of IAM, network security, cloud security, and API security.
Experience with secure SDLC and DevSecOps practices.
Knowledge of SIEM, SOAR, endpoint security, and vulnerability management tools.
Ability to evaluate software for regulatory compliance and conduct risk assessments.
Strong documentation and communication skills.

Benefits

Comp & perks

Employees can work remotely

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security architecturethreat modelingsecure coding guidelinescryptographyHSM managementkey managementcloud securityIAMnetwork securityAPI security

Soft Skills

documentationcommunicationcollaborationincident response planningroot cause analysis

Certifications

ISO 27001PCI DSSSOC 2NIST CSFNIST 800 53