Search by job, company or skills

Arcana

Principal Security Engineer

Save
  • Posted 3 days ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Principal Security Engineer

Location: Bangalore (Hybrid)

As our Principal Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden infrastructure end-to-end. While your primary focus will be on our GCP resources, you'll also partner with teams across networking, applications, and compliance to ensure we're secure by design and resistant to drift.

Responsibilities:

  • Enterprise Security Architecture - Governance and Compliance, including driving adherence to ISO 27001, SOC 2, GDPR, and enforcing CIS benchmarks on all infrastructure.
  • Policy, Automation, and Guardrails - own the end-to-end security lifecycle by defining policy-as-code, embedding continuous compliance checks into CI/CD, and building automated, drift-resistant guardrails across cloud, containers, and VMs.
  • Infrastructure Hardening and Drift Detection - implement automated drift alerts and self-healing playbooks for VPCs, firewall rules, Kubernetes clusters, and endpoints.
  • Monitoring, Logging, and Incident Response - configure Cloud Audit Logs, SIEM exports, and custom alerts for critical security events; lead root-cause investigations, build detection logic, and develop runbooks for cloud-wide incidents.
  • Define security checkpoints for new products and features

Requirements:

  • 8+ years driving security and compliance in dynamic, regulated environments- securing cloud-native platforms and hybrid infrastructures, with deep familiarity in fintech and portfolio-management standards, and best practices for supporting distributed, remote teams.
  • Deep expertise with GCP security (IAM, KMS, VPC Service Controls, Cloud Logging/Audit, WAF, SecOps) and Kubernetes application hardening.
  • Strong Infrastructure-as-Code skills (Terraform or equivalent) and GitOps experience (ArgoCD, Flux).
  • Proficiency in Appsec and Secops tools.
  • Proficiency in Python scripting and policy-as-code frameworks (OPA, Gatekeeper).
  • Excellent communicator - able to translate technical findings into clear policies and remediation plans.

Helpful Experience:

  • Familiarity with multi-cloud security controls.
  • Security certifications (GCP Professional Security Engineer, CISSP, CKA/CKS).
  • Experience with service mesh (Istio/Anthos) or zero-trust architectures.

More Info

Job Type:
Industry:
Employment Type:

About Company

Job ID: 150663189

Similar Jobs

Bengaluru, India

Skills:

cloud securityKmsTerraformKubernetesPythonagentic identityGoencryption-at-restattack surface managementagentic workflowsOAuth 2.0multi-agent state managementagentic sandboxingLLM orchestrationcontainer orchestrationOIDC

Bengaluru, India

Skills:

saml 2.0 SplunkAWS IAMKerberosJavaCryptographic Key ManagementKubernetesKotlinDockerSignalFxOAuth 2.0GCP IAMGoingress and egress authenticationES256OPARegoservice-to-service authenticationRS256mTLSJWT-based protocolsOIDC