Security Architecture and Data Protection Questions

Design and governance of security across application and infrastructure layers. Topics include encrypting data at rest and in transit, key management and secrets handling, identity and access management and role based access control, secure service authentication, network segmentation and zero trust approaches, secure configuration and vulnerability management, threat modeling and secure design reviews, operational detection and incident response procedures, data residency and regulatory obligations for protecting payment and personally identifiable information, and collaboration between security engineering operations and legal functions. Candidates should discuss trade offs between security controls and user experience as well as how to scale security practices globally.