Job Description

Cyber Security Lead/Expert

Swedium Global is looking for a Cyber Security Lead/Expert.

Location: Bangalore

Overview

The Software Security Lead owns the Software Security Capability strategy, maturity model, roadmap, and architectural alignment. This role drives secure-by-default development at scale and defines enterprise guardrails for AI-assisted development and LLM-enabled products.

This is a capability leadership role — not a GRC role.


Key Responsibilities

Capability Ownership

  • Define and evolve the Software Security Capability target state.
  • Own maturity model, roadmap, and cross-domain adoption strategy.
  • Represent the capability in architecture and governance forums.
  • Align capability to Zero Trust and internal target architecture.

Strategic Tooling & Platform Governance

  • Own strategy and lifecycle for:
    • SAST, DAST, SCA ecosystem
    • GHAS governance
    • SBOM & supply chain security
  • Define enterprise-level DevSecOps golden paths.
  • Establish policy-as-code standards and enforcement mechanisms.

Secure Architecture Leadership

  • Define secure architecture principles across:
    • Web, APIs, mobile
    • Microservices
    • Cloud-native
  • Institutionalize threat modelling practices.
  • Establish enterprise-level risk acceptance frameworks.

AI Security & Future Software Development (Mandatory)

  • Define enterprise policies for:
    • AI-assisted coding tools
    • AI-generated code governance
    • Provenance & license controls
  • Establish secure design patterns for LLM-enabled features:
    • Prompt injection mitigation
    • Model isolation strategies
    • Data minimization
    • Red-teaming practices
  • Track market evolution in LLM security and supply chain standards.
  • Translate evolving risks into enforceable CI/CD guardrails.

Metrics & Engineering KPIs

  • Define engineering-centric metrics:
    • Risk reduction
    • Exploitability-based prioritization
    • Build protection coverage
    • Paved-road adoption rate
  • Drive continuous developer experience improvements.

Leadership & Stakeholder Management

  • Lead backlog prioritization.
  • Influence engineering leadership.
  • Balance developer productivity and security risk.
  • Mentor senior engineers and build capability depth.

Required Skills

  • 10+ years in application security / secure architecture.
  • Proven experience leading security capabilities or programs.
  • Deep hands-on expertise in:
    • OWASP (Top 10, SAMM, ASVS, MASVS)
    • NIST SSDF (SP 800-218)
    • ISO/IEC 27034
  • Strong experience with GitHub ecosystem governance.
  • Experience defining DevSecOps paved roads at enterprise scale.
  • Deep expertise in threat modelling and risk-based prioritization.
  • Demonstrated AI security governance experience.
  • Strong communication and executive engagement skills.

Job Overview

  • Location: Bangalore, Karnataka
  • Vacancy: 1