Track Lead - IT security Job Details

Track Lead - IT security

India

Job Description

Track Lead - IT security

Chennai, Tamil Nadu

Job Summary

Job Summary*

The Senior Solution Architect – Vulnerability Management is responsible for defining, designing, and governing the enterprise vulnerability management architecture across infrastructure, applications, cloud, container, and emerging technology landscapes.

This role bridges security strategy, engineering execution, and business risk, ensuring vulnerabilities are continuously identified, prioritized, remediated, and reported in alignment with regulatory, risk, and resilience objectives.

The role partners closely with Cyber Defense, Application Security, Cloud Security, IT Infrastructure, DevSecOps, and Risk teams to embed vulnerability management as a core security capability, not just a scanning function

Key Responsibilities

Strategy & Architecture : Define the enterprise vulnerability management reference architecture covering: ,Infrastructure (on-prem, cloud, hybrid) ,Applications (SAST, DAST, SCA) ,Containers, Kubernetes, serverless ,Network, endpoint, databases, and middleware ,Establish capability roadmaps aligned with Zero Trust, Secure SDLC, and Continuous Controls Monitoring. Ensure alignment with enterprise security architecture, threat models, and risk frameworks.

Solution Design & Engineering Leadership : Design scalable solutions for: Vulnerability discovery, validation, and de-duplication .Risk-based prioritization (CVSS + threat intelligence + asset criticality) .Remediation orchestration and automation .Drive tool integrations with: CMDB / asset inventory, CI/CD pipelines ,Ticketing and workflow systems ,Cloud-native services and APIs .Define secure-by-design patterns for development and infrastructure teams.

DevSecOps & Automation :Embed vulnerability scanning into CI/CD pipelines with shift-left and shift-right controls. Enable policy-as-code and automated guardrails. Reduce false positives and noise through contextual analysis and tuning. Promote remediation automation using SOAR, scripts, and infrastructure-as-code.

Governance, Risk & Compliance: Define vulnerability management standards, policies, and architectural guardrails.Map vulnerability management controls to regulatory and audit requirements. Support risk acceptance, exception handling, and executive reporting. Partner with Risk and Audit teams to demonstrate control effectiveness.

Stakeholder Engagement & Advisory : Act as a trusted security advisor to engineering, platform, and business teams. Translate technical vulnerabilities into business risk language for leadership. Influence architecture decisions without direct authority Mentor security engineers and architects.

Skill Requirements

10+ years in Cyber Security / Security Architecture, with deep focus on VulnerabilityManagement.

Strong hands-on knowledge of:

Infrastructure and application vulnerability scanning

Secure SDLC and DevSecOps practices

Cloud security (IaaS, PaaS, containers, Kubernetes)

CVE, CVSS, CWE, OWASP Top 10

Experience integrating vulnerability tools with:

CI/CD pipelines

CMDB, ticketing, and workflow platforms

Cloud-native security services

Architectural & Design Skills

Proven experience creating enterprise-scale security architectures.

Ability to balance risk reduction, usability, scalability, and cost.

Strong understanding of threat modeling and attack paths.

Experience designing risk-based prioritization frameworks.

Other Requirements

ROLE SPECIFIC TECHNICAL Skills And Competencies and Proficiency Levels*
Technical Competency Name:	Proficiency Levels
SBOM	Core
AWS/Azure	Expert
Graph Databases	Entry
ADO	Core
OWASP Top 10	Core
CVE, CVSS, CWE	Advanced
Stakeholder Management	Core

Information at a Glance

Why HCLTech?

At HCLTech, you'll supercharge your potential. You'll find your career. And you'll find your spark. All at a place that knows that helping its customers stay on top starts by putting its people first.

HCLTech is a global technology company, home to more than 226,300 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. Consolidated revenues as of 12 months ending December 2025 totaled $14.5 billion.

23 Benefits At HCLTech, we believe in empowering our employees with comprehensive benefits that support their professional growth and enhance their well-being. When you sign up for a career with us, you gain access to: https://rmkcdn.successfactors.com/147eb21f/a701dca9-f32d-4fc9-9447-6.svg Industry-benchmarked compensation https://rmkcdn.successfactors.com/147eb21f/b0c54381-ddcc-4a33-9b35-9.svg Best-in-class healthcare benefits https://rmkcdn.successfactors.com/147eb21f/b73027be-7aae-4d36-a090-4.svg Personal time off https://rmkcdn.successfactors.com/147eb21f/d5b4fdfd-2e99-4e26-9878-9.svg Maternity and paternity benefits https://rmkcdn.successfactors.com/147eb21f/3d42b0fc-4652-435a-9ece-c.svg Access to skills / higher education programs/resources https://rmkcdn.successfactors.com/147eb21f/aeddeaf2-9e25-4584-ad11-d.svg Discounts on products and services via Benefit Box https://rmkcdn.successfactors.com/147eb21f/a9609a3b-2700-4b3c-9d90-a.svg Participate in CSR programs and live life with a purpose https://rmkcdn.successfactors.com/147eb21f/c6e33851-710f-4634-bd69-f.svg Opportunities to grow and advance your career Note: The benefits listed above vary depending on the nature of your employment and the country where you work. Some benefits may be available in some countries but not in all.

Provider	Description	Enabled
Vimeo	Vimeo is a video hosting, sharing, and services platform focused on the delivery of video. Opting out of Vimeo cookies will disable your ability to watch or interact with Vimeo videos. Cookie Policy Privacy Policy Terms and Conditions	Consent to cookies from provider Vimeo
YouTube	YouTube is a video-sharing service where users can create their own profile, upload videos, watch, like, and comment on videos. Opting out of YouTube cookies will disable your ability to watch or interact with YouTube videos. Cookie Policy Privacy Policy Terms and Conditions	Consent to cookies from provider YouTube

Provider	Description	Enabled
Google Analytics	Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Cookie Information Privacy Policy Terms and Conditions	Consent to cookies from provider GoogleAnalytics
Google Tag Manager	Google Tag Manager is a tag management system for conversion tracking, site analytics, remarketing, and more. Privacy Policy Terms and Conditions	Consent to cookies from provider GoogleTagManager
LinkedIn	LinkedIn is an employment-oriented social networking service. We use the Apply with LinkedIn feature to allow you to apply for jobs using your LinkedIn profile. Opting out of LinkedIn cookies will disable your ability to use Apply with LinkedIn. Cookie Policy Cookie Table Privacy Policy Terms and Conditions	Consent to cookies from provider LinkedIn