Security Operations (SecOps) Engineer
Security Operations (SecOps) Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Security Operations (SecOps) Engineer
Location: Bangalore
Team: Security & Compliance
Reports to: Engineering Manager Platform & Security
About Josys
Josys is on a mission to redefine enterprise IT operations through automation visibility and security. As we continue to scale globally securing our cloud-native infrastructure and application ecosystem is more critical than ever. We are looking for a passionate Security Operations Engineer to join our security team and help strengthen our defenses and practices across the cloud.
Job Summary
As a Senior SecOps Engineer youll lead the design and implementation of security controls across cloud infrastructure CI/CD pipelines and application layers. Youll act as a subject matter expert in both preventive and detective controls vulnerability management and compliance enforcement. We are looking for someone hands-on with a deep understanding of cloud and application security especially across AWS data privacy and regulatory frameworks.
Key Responsibilities
1. Cloud Security Monitoring & Compliance
Configure and optimize AWS-native security tools like Security Hub GuardDuty Config CloudTrail for real-time detection and compliance.
Drive Cloud Gap Assessments and security posture reviews across multi-account AWS environments.
Ensure alignment with standards like CIS ISO 27001 SOC 2 and regulatory requirements including GDPR and data residency controls.
2. Incident Response & Remediation
Lead investigation and remediation efforts in partnership with L1 support and SRE teams.
Perform root cause analysis implement fixes and establish preventive controls.
Build runbooks define escalation processes and improve incident response automation.
3. Secure DevOps & CI/CD Integration
Integrate automated security tools in CI/CD for both infrastructure and applications (e.g. SAST DAST IaC scanning).
Implement IaC policy enforcement using tools such as tfsec Checkov or OPA.
Embed security gates and practices early in the software development lifecycle.
4. Penetration Testing & Vulnerability Management
Conduct or coordinate regular penetration testing using tools like Burp Suite OWASP ZAP or via third-party assessors.
Manage end-to-end vulnerability lifecycle from discovery through remediation.
Translate findings into developer-friendly guidance and track fixes to closure.
5. Continuous Improvement & Security Awareness
Stay current with cloud security trends vulnerabilities and threats.
Drive security awareness training and contribute to improving engineering security hygiene.
Influence architectural decisions by embedding security principles into project planning.
Required Qualifications
58 years of experience in cloud security application security or security operations roles.
Deep knowledge of AWS security architecture IAM networking and encryption practices.
Hands-on experience with security testing tools like Burp Suite OWASP ZAP Nmap and cloud-native monitoring tools.
Strong grasp of compliance frameworks including GDPR SOC 2 ISO 27001 and data residency considerations.
Solid scripting or automation skills (e.g. Python Bash Terraform).
Must hold at least one relevant certification:
AWS Certified Security Specialty
CISSP (Certified Information Systems Security Professional)
CCSP (Certified Cloud Security Professional)
Nice to Have
Experience with container security (e.g. EKS Docker) and runtime protection tools.
Familiarity with security operations platforms (e.g. Splunk ELK or SIEM tools).
Experience working in fast-paced SaaS or DevOps-centric environments.
Why Join Us
Work on a global SaaS platform at the cutting edge of IT automation and cloud security.
Lead initiatives that shape how modern enterprises manage risk.
Join a culture of ownership innovation and collaboration.
Remote-friendly work culture with high-impact opportunities.
Employment Type
Full-Time
