Principal Security Engineering Manager (India)

Truveta provides unprecedented real-world data and real-time intelligence, powered by a dataset built with and owned by US health systems united in a mission of Saving Lives with Data. Together, we power breakthrough medical discoveries, accelerate regulatory-grade evidence, and improve patient care. Today, Truveta enables research on more than 130 million de-identified patients across the US.

Achieving Truveta’s ambitious mission requires an incredible team of talented and inspired people with a special combination of health, software and big data experience who share our company values.

Role Overview

We are looking for a Principal Security Engineering Manager to own and drive security across applications, cloud infrastructure, and platform operations.

This role requires a hands-on technical leader who can design and implement security controls end-to-end while partnering closely with engineering teams. The ideal candidate brings a strong mix of software engineering, cloud architecture, and security expertise, with the ability to scale security practices in a modern, cloud-native environment.

Key Responsibilities

• Lead the design and implementation of security controls across the full technology stack, including applications, services, and cloud infrastructure.

• Establish and drive secure development practices, integrating security into CI/CD pipelines and developer workflows.

• Own programs for identifying and addressing risks, including:

• Vulnerability discovery and remediation

• Application and infrastructure testing

• Continuous validation of security posture

• Define and implement data protection strategies, including encryption, access controls, and data handling standards.

• Conduct and govern security assessments for both internally developed systems and external vendors/partners.

• Build and enhance identity and access control systems, ensuring least privilege and strong authentication mechanisms.

• Develop and mature logging, monitoring, and detection capabilities to identify and respond to threats effectively.

• Strengthen threat detection and incident response readiness through automation, telemetry, and engineering-driven approaches.

• Design and secure cloud and network architectures, including edge protection, traffic filtering, and service isolation.

• Drive adoption of modern security architectures such as zero trust and defense-in-depth.

• Integrate security into emerging technologies, including AI/ML systems, ensuring protection against data leakage and model abuse.

• Partner with engineering, platform, and product teams to embed security into system design and architecture decisions.

• Lead by example as a hands-on engineer, contributing to design reviews, code, and automation where needed.

• Mentor and guide engineers, raising the overall security and engineering maturity of the organization.

Required Qualifications

• 12–16+ years of experience in security engineering, software engineering, or cloud security.

• Strong background in software development or DevOps, with the ability to build or review code and automation.

• Deep understanding of:

• Secure application design and common vulnerabilities

• Cloud platforms (Azure preferred) and distributed systems

• Identity systems and access control models

• Skills & Tags

  gorustazureaidevopsdataproductdesign