We are looking for a highly experienced Information Security leader to drive the security architecture and strategy for Gnani.ai’s global AI infrastructure.

This role will lead the company’s security vision across cloud infrastructure, product engineering, and operational environments. The leader will work closely with engineering and platform teams to ensure security is embedded deeply into the architecture of the platform rather than treated as a compliance layer.

This is a highly technical leadership role requiring strong hands-on understanding of cloud systems, distributed infrastructure, and secure software development at scale.

Key Responsibilities

Security Leadership & Strategy

• Define and lead the enterprise security architecture, strategy, and long-term roadmap.

• Establish security as a core engineering discipline across the organization rather than a compliance function.

• Build and lead a lean, high-impact security organization while optimizing current team structure and processes.

Cloud Security

• Secure a large-scale AWS infrastructure running across seven global regions and supporting approximately fifteen thousand active production EC2 instances.

• Strengthen multi-account governance and security controls across multiple cloud environments.

• Drive identity and access governance including IAM hardening, secure vaulting, and federation best practices.

• Implement continuous cloud monitoring, threat detection, and automated remediation through Cloud SecOps practices.

Application & API Security

• Embed security within the engineering lifecycle including threat modeling, automated testing, and secure CI/CD practices.

• Strengthen the security posture of microservices architectures, APIs, SDK integrations, and customer-facing applications.

• Implement mature vulnerability management processes with measurable improvements in remediation timelines.

• Establish protection mechanisms against bot abuse, runtime threats, and application-level attacks.

Developer Security Enablement

• Enable developers with the tools, training, and guardrails required to build secure software by default.

• Implement strong software supply chain security and development workflows.

• Maintain strong integration with development platforms such as GitHub and related DevSecOps tooling.

Network & Infrastructure Security

• Review and strengthen internal and external network architecture to support global scale.

• Implement modern zero-trust architecture and continuous verification models.

• Drive secure containerization, orchestration security, and cross-region infrastructure resilience.

Governance, Risk & Compliance

• Provide strategic oversight for governance and compliance frameworks while operational execution remains supported by existing teams.

• Ensure compliance outcomes are achieved through strong foundational security controls rather than reactive processes.

Incident Response & Risk Monitoring

• Own detection, monitoring, and response frameworks across infrastructure, data, and application layers.

• Lead incident investigation, root cause analysis, and containment strategies following security events.

Team & Culture

• Entire security organization operates from the Bengaluru office with close collaboration with the engineering team.

• Culture focused on technical excellence, accountability, and engineering-driven decision making.

• Strong emphasis on continuous improvement, simplification of systems, and building scalable security frameworks.

Candidate Persona

• 10 to 12 years of experience in information security leadership with strong hands-on cloud engineering expertise.

• Background as a developer or infrastructure engineer with experience securing complex production environments.

• Deep understanding of AWS services, networking architecture, identity systems, encryption, and distributed systems security.

• Proven ability to influence senior engineering leadership and drive security-first engineering practices.

• Experience building and leading high-performance security teams in fast-growing technology organizations.

• Highly analytical with the ability to combine accounting rigor with strategic thinking.

• Comfortable operating in fast-paced environments with high ownership and decision-making responsibility.