Principal Security Engineering Manager (India)

Truveta provides unprecedented real-world data and real-time intelligence, powered by a dataset built with and owned by US health systems united in a mission of Saving Lives with Data. Together, we power breakthrough medical discoveries, accelerate regulatory-grade evidence, and improve patient care. Today, Truveta enables research on more than 130 million de-identified patients across the US.    Achieving Truveta’s ambitious mission requires an incredible team of talented and inspired people with a special combination of health, software and big data experience who share our  company values .   Role Overview   We are looking for a  Principal Security Engineering Manager  to own and drive security across applications, cloud infrastructure, and platform operations.   This role requires a  hands-on technical leader  who can design and implement security controls end-to-end while partnering closely with engineering teams. The ideal candidate brings a strong mix of  software engineering, cloud architecture, and security expertise , with the ability to scale security practices in a modern, cloud-native environment.     Key Responsibilities   Lead the design and implementation of  security controls across the full technology stack , including applications, services, and cloud infrastructure.    Establish and drive  secure development practices , integrating security into CI/CD pipelines and developer workflows.    Own programs for identifying and addressing risks, including:    Vulnerability discovery and remediation    Application and infrastructure testing    Continuous validation of security posture    Define and implement  data protection strategies , including encryption, access controls, and data handling standards.    Conduct and govern  security assessments  for both internally developed systems and external vendors/partners.    Build and enhance  identity and access control systems , ensuring least privilege and strong authentication mechanisms.    Develop and mature  logging, monitoring, and detection capabilities  to identify and respond to threats effectively.    Strengthen  threat detection and incident response readiness  through automation, telemetry, and engineering-driven approaches.    Design and secure  cloud and network architectures , including edge protection, traffic filtering, and service isolation.    Drive adoption of  modern security architectures  such as zero trust and defense-in-depth.    Integrate  security into emerging technologies , including AI/ML systems, ensuring protection against data leakage and model abuse.    Partner with engineering, platform, and product teams to  embed security into system design and architecture decisions .    Lead by example as a  hands-on engineer , contributing to design reviews, code, and automation where needed.    Mentor and guide engineers, raising the overall  security and engineering maturity  of the organization.      Required Qualifications   12–16+ years of experience in  security engineering, software engineering, or cloud security .    Strong background in  software development or DevOps , with the ability to build or review code and automation.    Deep understanding of:    Secure application design and common vulnerabilities    Cloud platforms (Azure preferred) and distributed systems    Identity systems and access control models    Monitoring, detection, and response mechanisms    Network and edge security principles    Experience implementing  security at scale in cloud-native environments .    Proven ability to  balance strategic thinking with hands-on execution .    Strong communication skills with the ability to influence engineering and leadership teams.        Preferred Qualifications   Experience in  regulated environments  (e.g., healthcare, finance).    Familiarity with  modern AI/ML security considerations .    Experience with  large-scale telemetry and detection systems  (e.g., SIEM platforms).    Knowledge of  industry standards and compliance frameworks .    Relevant certifications (e.g., CISSP, OSCP, cloud security certifications).      What We’re Looking For   A  builder and problem-solver  who can operate across multiple layers of the stack.    Someone who naturally  bridges engineering and security  rather than treating them separately.    A leader who can  simplify and unify security practices  across teams.    Strong ownership mindset with the ability to  drive outcomes in a complex environment .