Information Security Engineer

This role is for one of the Weekday's clients

Salary range: Rs 550000 - Rs 1050000 (ie INR 5.5 - 10.5 LPA)

Min Experience: 3 years

Location: Bengaluru

JobType: full-time

We are seeking an Information Security Engineer skilled in both security engineering and GRC. This hybrid position is perfect for a candidate who thrives on hands-on technical tasks as well as managing compliance, risk, and audit duties.

Key Responsibilities

Cloud & Infrastructure Security

• Protect and oversee cloud and container environments (AWS/EKS)
• Deploy IAM, network security, and encryption measures
• Assess Infrastructure-as-Code (Terraform/Helm) for potential risks
• Operate tools such as EDR, CSPM, WAF, and cloud security solutions
• Establish logging, monitoring, and SIEM integrations

Vulnerability Management & Security Operations

• Oversee the vulnerability management lifecycle including scanning, triage, and remediation
• Coordinate penetration testing and bug bounty initiatives
• Assist with incident response and perform root cause analyses
• Maintain and update incident response runbooks

Governance, Risk & Compliance (GRC)

• Manage the ISMS, including policies, risk registers, and controls
• Support and prepare for audits such as ISO 27001, SOC 2, RBI, and DPDP
• Conduct risk assessments and vendor evaluations
• Assist with data privacy and regulatory compliance efforts

Access & Control Assurance

• Carry out access reviews and validate asset inventories
• Monitor control effectiveness and service level agreements (SLAs)
• Contribute to security awareness programs

Required Skills & Qualifications

• Bachelor’s degree in Computer Science, IT, Cybersecurity, or a related discipline
• 3 to 5 years of experience in security engineering, cloud, or GRC domains
• Strong expertise in Linux, networking, IAM, and encryption technologies
• Hands-on experience with AWS security; familiarity with GCP or Azure is an advantage
• Knowledge of standards such as ISO 27001, SOC 2, and various risk frameworks
• Proficient in basic scripting languages like Bash or Python
• Experience using Jira, Confluence, and GRC management tools
• Excellent communication and documentation abilities

Preferred Qualifications

• Certifications including AWS Security, ISO 27001, or Security+
• Experience with EDR/XDR, SIEM, CSPM/CNAPP, and WAF technologies
• Familiarity with GDPR and DPDP regulations
• Background in container security

Skills

AWS

EDR

CSPM

SIEM integrations

Vulnerability Management

GRC