SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company, ensuring our partners and their customers are never alone in the fight against cybercrime. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides relentless security against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.
We are looking for a Principal Security Architect to lead the security design and strategy for our private cloud infrastructure hosted in colocation facilities. This is a senior individual contributor role with significant influence over architecture decisions, security standards, and engineering culture. You will serve as the technical authority on all matters related to infrastructure security, working closely with network, platform, and compliance teams to build and maintain a resilient, zero-trust-aligned environment.
Key Responsibilities:
- Own the end-to-end security architecture for colocation-based private cloud environments, including compute, storage, networking, and virtualization layers
- Define and enforce security standards, reference architectures, and design patterns across infrastructure and application teams
- Lead threat modeling exercises for new systems, services, and major infrastructure changes
- Evaluate and guide adoption of security tooling including SIEM, IDS/IPS, PAM, microsegmentation, and secrets management solutions
- Provide security architecture guidance for hybrid connectivity between on-premises/colo environments and public cloud workloads (primarily AWS)
- Collaborate with the IAM team to design and enforce least-privilege access models across both private and cloud environments
- Define and enforce modern security standards, reference architectures, and design patterns across infrastructure and application teams
- Drive the security architecture roadmap in alignment with business objectives and regulatory requirements (SOC 2, ISO 27001, ISO 42001, NIST CSF)
- Mentor senior and mid-level engineers, conducting design reviews and architectural assessments
- Partner with legal, risk, and compliance teams on data residency, sovereignty, and audit readiness
- Represent security architecture in executive briefings, vendor evaluations, and cross-functional planning sessions
Essential Business Experience and Technical Skills:
Experience:
- 12+ years in information security, with at least 5 years focused on security architecture.
- Deep expertise in private cloud and colocation environments — physical security controls, data center networking, bare-metal and hypervisor-level security (VMware, KVM, or similar)
- Strong experience with network security architecture: firewalls, VLANs, BGP/OSPF security, microsegmentation, and east-west traffic control
- Hands-on familiarity with AWS security services and constructs (VPC, IAM, Security Hub, GuardDuty, AWS Organizations, SCPs) in a hybrid cloud context
- Experience architecting secure connectivity between colo and cloud environments (Direct Connect, VPN, SD-WAN)
- Demonstrated experience with PKI, certificate lifecycle management, secrets management (HashiCorp Vault or equivalent), and encryption at rest and in transit
- Proven track record leading security architecture for large-scale, regulated environments
- Proven cross-functional leadership skills to motivate and inspire the team.
- Ability and desire to not just think outside the box but find a new box when necessary.
Skills & Knowledge:
- Deep understanding of zero-trust principles and practical implementation strategies
- Strong command of identity and access management patterns across on-prem and cloud
- Familiarity with container security and Kubernetes hardening in private environments (a plus)
- Working knowledge of infrastructure-as-code from a security review and guardrails perspective (Terraform, Ansible)
- Excellent ability to communicate complex security concepts to technical and non-technical audiences
- Strong documentation skills — able to produce architecture diagrams, threat models, and decision records
Certifications (Preferred):
- CISSP, CISM, or SABSA
- AWS Certified Security – Specialty
- CCSP or equivalent cloud security certification
#LI-DS9
#LI-Pune
#LI-Hybrid
#LI-CISSP
SonicWall is an equal opportunity employer.
We are committed to creating a diverse environment and are an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.
At SonicWall, we pride ourselves on recruiting a diverse mix of talented people and providing active security solutions in 100+ countries.
Applicant Privacy Notice