Security Engineer 1

Zerodha Fund House

Enabling the Next Generation of Indian Investors

At Zerodha Fund House, we are redefining the mutual funds landscape to create simple, transparent, and cost-effective investment solutions for millions of Indians. Built by the pioneers behind Zerodha Broking Ltd and Case Platforms Ltd, we are on a mission to empower the next 10 crore investors in India to participate in and grow the capital markets.

We are expanding our team and seeking passionate, analytical, and detail-oriented individuals to join us.

Role : Security Engineer 1

Key Responsibilities

• Cloud Infrastructure Security: Assist in securing our cloud environments by implementing identity and access management (IAM) policies, network security groups, and encryption protocols.
• Monitoring & Incident Response: Monitor cloud security posture using native cloud tools and SIEMs. Assist in investigating and responding to security alerts.
• DevSecOps Integration: Collaborate with DevOps teams to integrate security scanning (SAST/DAST, container vulnerability scanning) into CI/CD pipelines.
• Vulnerability Management: Perform regular vulnerability assessments of cloud resources and work with engineering teams to patch and remediate findings in a timely manner.
• Compliance & Auditing: Support the compliance team by gathering evidence and ensuring cloud configurations align with industry frameworks.
• Automation: Help automate repetitive security tasks and guardrails using scripting (Python, Bash) or Infrastructure as Code.
  
  

Required Qualifications

• Experience: 1.5 to 3 years of experience in Security and DevOps, with at least 1 year focused specifically on cloud security.
• Cloud Platform Knowledge: Hands-on experience with AWS and cloud security tools such as AWS Security Hub, GuardDuty, Inspector, etc.
• Technical Skills:
• Solid understanding of cloud networking (VPCs, firewalls, routing) and IAM.
• Familiarity with Infrastructure as Code (IaC) principles.
• Basic scripting skills (e.g., Python, Bash) for automation.
• Security Fundamentals: Strong grasp of core security concepts (encryption, principle of least privilege, zero trust, vulnerability management).
• Collaboration: Excellent communication skills and a team-player mindset.
  
  

Preferred Qualifications (Nice To Have)

• Relevant industry certifications.
• Experience with containerisation and Kubernetes security.
• Familiarity with Indian compliance frameworks.
• Familiarity with application security.