Senior Information Security Engineer

Job Title: Senior Information Security Engineer

Location: Bengaluru (Work From Office) - Hybrid

Experience: 3–7 years

Job Summary:

We are looking for a hands-on Security Engineer to work across multiple security domains—cloud, application security, compliance, incident response, and automation. You will collaborate with engineering, DevOps, and IT teams to design, implement, and continuously improve security controls for infrastructure and products.

Key Responsibilities:

• Design and implement secure infrastructure and application architecture.
• Provide security guidance to engineering and DevOps teams.
• Implement, monitor, and improve cloud security controls (preferably Azure).
• Assist in preparation for security audits; develop and update security policies and procedures.
• Manage the vulnerability management lifecycle: scanning, prioritization, remediation tracking.
• Monitor security alerts and participate in incident response investigations.
• Automate security tasks using scripting (Python, Bash).
• Research emerging threats, tools, and security practices; propose innovative improvements.
• Work on AI integration in SaaS products, ensuring alignment with AI compliance standards like ISO 42001.

Technical Skills:

• Scripting languages: Python, Bash
• Cloud platforms: Azure (preferred), AWS, GCP
• Containerization: Docker, Kubernetes
• Network security: TCP/IP, firewalls, VPNs
• Vulnerability management and incident response
• Familiarity with compliance frameworks: ISO 27001, SOC 2, HIPAA
• AI integration and AI security awareness in SaaS products

Soft Skills:

• Innovative, curious, and problem-solving mindset
• Strong communication skills for technical and non-technical audiences
• Proactive, ambitious, and able to take ownership

Preferred (Good to Have):

• Relevant certifications: Azure Security Engineer, OSCP, CEH, CISSP (optional)
• Prior startup or product-based company experience