Weekday (YC W21)
Website:
weekday.works
Job details:
This role is for one of the Weekday's clients
Salary range: Rs 550000 - Rs 1050000 (ie INR 5.5 - 10.5 LPA)
Min Experience: 3 years
Location: Bengaluru
JobType: full-time
We are seeking an Information Security Engineer skilled in both
security engineering and GRC. This hybrid position is perfect for a candidate who thrives on hands-on technical tasks as well as managing compliance, risk, and audit duties.
Requirements
Key Responsibilities
Cloud & Infrastructure Security
- Protect and oversee cloud and container environments (AWS/EKS)
- Deploy IAM, network security, and encryption measures
- Assess Infrastructure-as-Code (Terraform/Helm) for potential risks
- Operate tools such as EDR, CSPM, WAF, and cloud security solutions
- Establish logging, monitoring, and SIEM integrations
Vulnerability Management & Security Operations
- Oversee the vulnerability management lifecycle including scanning, triage, and remediation
- Coordinate penetration testing and bug bounty initiatives
- Assist with incident response and perform root cause analyses
- Maintain and update incident response runbooks
Governance, Risk & Compliance (GRC)
- Manage the ISMS, including policies, risk registers, and controls
- Support and prepare for audits such as ISO 27001, SOC 2, RBI, and DPDP
- Conduct risk assessments and vendor evaluations
- Assist with data privacy and regulatory compliance efforts
Access & Control Assurance
- Carry out access reviews and validate asset inventories
- Monitor control effectiveness and service level agreements (SLAs)
- Contribute to security awareness programs
Required Skills & Qualifications
- Bachelor's degree in Computer Science, IT, Cybersecurity, or a related discipline
- 3 to 5 years of experience in security engineering, cloud, or GRC domains
- Strong expertise in Linux, networking, IAM, and encryption technologies
- Hands-on experience with AWS security; familiarity with GCP or Azure is an advantage
- Knowledge of standards such as ISO 27001, SOC 2, and various risk frameworks
- Proficient in basic scripting languages like Bash or Python
- Experience using Jira, Confluence, and GRC management tools
- Excellent communication and documentation abilities
Preferred Qualifications
- Certifications including AWS Security, ISO 27001, or Security+
- Experience with EDR/XDR, SIEM, CSPM/CNAPP, and WAF technologies
- Familiarity with GDPR and DPDP regulations
- Background in container security
Skills
AWS
EDR
CSPM
SIEM integrations
Vulnerability Management
GRC
Click on Apply to know more.