Synapse XTL
Website: thesynapses.com
Job details:
The Security Engineer is the day-to-day execution arm of our security function. You will run security operations, partner with software development and product teams to ship securely, harden our hosted applications and cloud environments, and respond to security events. You will translate the strategy and standards set by the Security Architect into working pipelines, tools, and defenses, and you will be the first responder for anything security-related across engineering and corporate IT.
Experience: 5-8 years
Location: Mumbai/Pune (on-site)
Key Responsibilities:
Security Operations & Monitoring-
- Operate and tune the security monitoring stack across AWS, Azure, and M365: SIEM, EDR (Defender for Endpoint), CSPM, and cloud-native logging (CloudTrail, GuardDuty, Security Hub, Defender for Cloud).
- Triage alerts, perform initial investigation, contain incidents, and escalate to the Security Architect for major events.
- Maintain incident response runbooks and conduct regular tabletop drills with engineering and IT.
- Run vulnerability management end-to-end: scanning, prioritization, ticketing, SLA tracking, and remediation follow-through.
- Manage threat intelligence feeds and translate them into detections and advisories for the team.
Cloud & Application Security-
- Harden AWS and Azure environments: IAM least-privilege reviews, network controls, KMS / Key Vault hygiene, public-exposure checks, and CIS benchmark conformance.
- Embed security controls into CI/CD: SAST, DAST, SCA, IaC scanning, container image scanning, and secrets detection; remediate findings with engineering teams.
- Perform threat modeling and security design reviews for new features, services, and AI/agentic components.
- Run periodic application security assessments and coordinate external penetration tests; manage findings to closure.
- Support secure deployment of LLM-powered features: API gateway controls, rate limiting, prompt/response logging, output filtering, and red-team testing of model behaviors.
Identity, Endpoint & Workforce Security-
- Operate Entra ID, Conditional Access, MFA, PIM, and SSO integrations; perform periodic access reviews.
- Manage Intune policies for MDM/MAM; ensure endpoint baselines, encryption, and patch posture across the hybrid workforce.
- Operate email security, anti-phishing, and DLP controls within M365; investigate phishing reports and user-reported incidents.
- Run security awareness campaigns, phishing simulations, and onboarding/offboarding security tasks.
Internal Enablement & Customer Support-
- Be the first point of contact for software development, product, and IT teams on security questions; provide pragmatic, unblocking guidance.
- Support hosted application security: customer-facing security configurations, log/audit support, and security incident communications under the Architect's guidance.
- Assist GRC by gathering technical evidence in Sprinto and supporting customer security questionnaires and audits.
Required Qualifications:
- 5–8 years of hands-on experience in security engineering, security operations, or DevSecOps.
- Strong AWS security operations skills: IAM, VPC, KMS, GuardDuty, Security Hub, Inspector, Config; working knowledge of Azure equivalents.
- Practical experience with M365 security: Entra ID, Intune, Defender for Endpoint / Office 365, Purview DLP.
- Solid scripting/automation skills (Python, Bash, PowerShell) and comfort with infrastructure-as-code (Terraform / CloudFormation).
- Experience integrating security tooling into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, or similar).
- Hands-on incident response experience: log analysis, host/network forensics basics, and containment.
- Working knowledge of OWASP Top 10, CIS Benchmarks, MITRE ATT&CK, and at least introductory familiarity with OWASP Top 10 for LLMs.
- Strong communication skills and a collaborative, engineering-friendly working style.
Preferred Qualifications:
- Experience securing AI/ML or LLM-based products in production.
- Exposure to ISO 27001 / SOC 2 / ISO 27701 control implementation; experience with Sprinto, Drata, or Vanta.
- Container and Kubernetes security experience (EKS/AKS, image signing, runtime security).
- Certifications such as AWS Security Specialty, Azure Security Engineer (AZ-500), CompTIA Security+/CySA+, GCIH, GCIA, OSCP, or equivalent.
Interested candidates can share their resumes at g.punjabi@thesynapses.com or DM directly for more details.