Job Description
Position Overview:
We are seeking an experienced Cyber Security Specialist to join our security team. The ideal candidate will have a minimum of 5years cyber security experience and 3+ years in application security (DevSecOps). This is a senior hands-on role requiring an individual who has previously established or significantly matured AppSec functions within modern software engineering environments.This role will form a collaboration with product engineering teams and must be capable of driving cultural change, promoting secure coding practices, and ensuring vulnerabilities (in code and architecture) are identified and remediated effectively
Key Responsibilities:
- Design and implement the Application Security Strategy, tooling roadmap, governance model, and SDLC integrations from ground up.
- Evaluate new AppSec tools (e.g SAST/DAST/SCA/Runtime protections).
- General cyber security expertise to assist Head of Cybersecurity implement strategic roadmap and strategy.
Additional Responsibilities:
- Monitor and analyze security events across cloud and on-premises environments using SIEM and security analytics tools
- Develop and maintain incident response playbooks and procedures
- Experience with threat intelligence platforms and threat hunting
- Experience with security orchestration, automation and response (SOAR) platforms
- Understanding of data protection and encryption technologies
- Experience in regulated industries (financial services, healthcare, energy)
- Background in offensive security or penetration testing
- Design, implement, and maintain security controls across cloud platforms (AWS, Azure, GCP)
- Conduct cloud security assessments and architecture reviews
- Ensure compliance with cloud security best practices and frameworks (CIS Benchmarks, CSA CCM, NIST)
- Manage cloud-native security tools including CSPM, CWPP, and cloud WAF solutions
- Implement and maintain identity and access management (IAM) policies and controls
- Lead cyber security programs and coordinate remediation efforts
- Collaborate with DevOps teams to integrate security into CI/CD pipelines (DevSecOps)
- Stay current with emerging threats, vulnerabilities, and security technologies
- Contribute to security awareness training and documentation
- Facilitate Supplier Management and security input into bids
- Support compliance initiatives (SOC 2, ISO 27001, PCI-DSS, GDPR, etc.)
- Develop and enforce security policies, standards, and procedures
- Conduct security audits and risk assessments
- Maintain security documentation and metrics reporting
Required Qualifications:
- Minimum of 5 years cyber security experience
- 3+ years of hands-on experience with cloud security (AWS, Azure, or GCP)
- Proven experience leading security incidents and coordinating response efforts
- Experience with security frameworks such as NIST CSF, MITRE ATT&CK, or Zero Trust architecture
Technical Skills:
- Strong expertise in cloud security services and tools (AWS & Azure)
- Experience working with SIEM platforms (Splunk, Sentinel)
- Understanding of network security, firewalls, IDS/IPS, and VPN technologies
- Familiarity with security testing tools (vulnerability scanners, SAST/DAST, penetration testing tools)
- Experience with endpoint detection and response (EDR) solutions
Certifications (one or more preferred):
- CISSP (Certified Information Systems Security Professional)
- CCSP (Certified Cloud Security Professional)
- AWS Certified Security - Specialty
- Microsoft Certified: Azure Security Engineer Associate
Soft Skills:
- Strong analytical and problem-solving abilities
- Excellent written and verbal communication skills
- Ability to explain complex security concepts to technical and non-technical audiences
- Leadership capabilities and experience mentoring team members
- Strong attention to detail and ability to work under pressure
- Collaborative mindset with cross-functional teams
- Business Partnering experience
Education:
Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience)
Working Conditions:
Some flexibility for remote work - 2 days minimum in office (Gururgram preferred)
#LI-DB1
