Intro

As the Information Security Engineer you will be responsible for implementing the enterprise-wide information security strategy, policies, and programs. You will play a critical role in safeguarding our organisation’s data, systems, and assets while ensuring compliance with relevant regulations and standards.

Responsibilities:

Policy and Compliance:

Enforce information security policies, standards, and procedures to ensure compliance with applicable regulations and industry best practices.

Monitor and assess compliance with security policies and standards across the organisation.

Conduct regular security risk assessments and vulnerability assessments.

Security Operations:

Perform the day-to-day operations of the cybersecurity team, including incident response, threat detection, and security monitoring.

Implement and manage security technologies, tools, and solutions to protect the organisation’s assets.

Collaborate with IT and other departments to ensure the integration of security measures into all business processes and systems.

Incident Management:

Monitor response to security incidents, breaches, and data breaches, ensuring a timely and effective resolution.

Develop and maintain an incident response plan and coordinate with external incident response teams, if necessary.

Conduct post-incident analysis to identify lessons learned and areas for improvement.

Vulnerability Management

Monitor and enhance the end-to-end vulnerability management lifecycle, including continuous scanning, risk-based prioritization, remediation tracking, and executive reporting across cloud, infrastructure, and application environments.

Define and enforce vulnerability remediation SLAs and governance, collaborating with engineering and DevOps teams to drive timely fixes, integrate security into CI/CD pipelines, and reduce overall organizational risk exposure.

Security Awareness and Training:

Promote a culture of security awareness and education throughout the organisation.

Provide training and awareness programs to employees, contractors, and stakeholders.

Requirements :

Bachelor’s degree in Computer Science, Information Technology, or a related field (Master’s degree preferred).

Relevant industry certifications such as CISSP, CISM, or CISA.

Minimum of 5 years of experience in information security,

In-depth knowledge of cybersecurity best practices, standards, and frameworks like HITRUST, NIST, SOC 2

Strong understanding of applicable data protection and privacy laws especially HIPAA.

Working knowledge of any leading SIEM tool like Sentinel/Splunk

Working knowledge of any CSPM tool like Wiz/Orca

Be able to configure and monitor Security and Data Protection in cloud providers like AWS, Azure and Google Workspace

Excellent communication, leadership, and problem-solving skills.

Proven ability to collaborate with cross-functional teams and senior executives.

Work Location: Jayanagar – Bangalore.

Work Mode: Work from Office.

Benefits:

• Best-in-class compensation.
• Health insurance for Family.
• Personal Accident Insurance.
• Friendly and Flexible Leave Policy.
• Certification and Course Reimbursement.
• Medical Coding CEUs and Membership Renewals.
• Health checkup & many more!