We're looking for a Senior Engineer with strong security experience (Data Privacy & Compliance) and strong experience in Python, Terraform and AWS.
You'll play a key role in designing and maintaining secure and compliant infrastructure, automating compliance controls and ensuring our systems meet global data privacy and security standards such as SOC 2, GDPR and ISO 27001, etc.
While your core focus will be on infrastructure security, compliance automation and AWS, you may be required to develop other technology-based modules such as Python, Ruby on Rails, internal documentation or broader DevSecOps initiatives.
Responsibilities:
- Architect security and data privacy solutions, set up infrastructure, develop common capabilities, document uptake recipes and enable other developers' uptake.
- Observe and monitor IT security and improve security operations on an ongoing basis in collaboration with the rest of the security and IT operations team.
- Implement security guardrails and baselines using Terraform and AWS native controls (Config, IAM, KMS, CloudTrail, Security Hub).
- Develop and maintain Python-based automation for compliance validation, audit data collection and remediation workflows.
- Contribute to secure CI/CD BAU practices and integrate policy-as-code.
- Map and operationalize controls for GDPR, SOC 2, ISO 27001, PCI DSS, etc.
- Apply privacy-by-design principles for data storage, access control and retention.
- Work with third parties, standards and compliance bodies to achieve industry certifications and maintain/improve the company's certification and compliance levels.
- Occasionally support Python and Rails applications by advising on secure configurations and dependencies.
- Help maintain documentation of security architecture, risk assessments and compliance procedures.
- Partner with DevOps and Engineering teams to embed security and compliance early in design.
- Proficient in Python for automation scripting and AWS SDK (boto3) integrations.
- Strong experience with Terraform and infrastructure-as-code best practices.
- Deep understanding of general cloud security and AWS security services (IAM, KMS, CloudTrail, Config, Security Hub, GuardDuty).
- Solid understanding of network security, identity management and data protection.
- Experience in regulated or audit-driven environments (finance, SaaS, etc.).
- Experience implementing security monitoring, incident response automation or
- Awareness of data privacy and compliance frameworks (GDPR, SOC 2, ISO 27001).
- Interest in compliance-as-code, privacy-by-design or DevSecOps pipelines.
- Strong communication, team mentoring, process management, documentation and
- Prior experience working in compliance-sensitive or regulated environments (finance, SaaS, healthcare).
- Exposure to Zero Trust architecture concepts and identity-based access design.
- Knowledge of policy-as-code or security automation (OPA, Checkov, tfsec, Sentinel).
- Familiarity with web apps, including Rails application security (headers, CSRF, secrets management).
Provident Fund, Medical Inpatient Facility, Medical Outpatient Facility, Paid Overtime, In-house Subsidized Lunch & Dinner, Gym Facility, Entertaining Activities, Interest Free Loan Facility, Advance Salaries and Sports Allowance.
Required Experience:
Senior IC
Devsinc helps startups, enterprises and public sector clients accelerate their technology life cycle, by unlocking access to 2,000+ passionate and experienced solution providers with experience in 100+ technologies in their timezone.