Sr. Security Compliance Engineer

Pratiti Technologies Pvt. Ltd.

Job Location:

Pune - India

Salary: Not Disclosed

Experience Required: 3years

Posted on: Yesterday

Vacancies: 1 Vacancy

Job Summary

Sr. Security Compliance Engineer

Responsibilities

Engineering & Implementation: Designing and implementing secure compliant controls within cloud and IT infrastructure often using "policy-as-code".
Audit & Risk Management: Conducting internal audits managing third-party risk and providing evidence for external assessments in alignment with national and international regulations.
Policy & Documentation: Creating managing and enforcing information security policies procedures and technical standards.
Vulnerability Management: Identifying security gaps and driving remediation in partnership with IT DevOps and engineering teams.
Monitoring & Tools: Maintaining continuous monitoring of security controls and utilizing automation to reduce manual audit work.
Implement security measures and compliance controls within our backend systems focusing on cloud environments like AWS and enterprise security.
Collaborate with compliance project managers and corporate IT to adopt new compliance standards integrate them with existing security solutions and collect evidence for external audits.
Enhance data protection conduct risk assessments and ensure systems comply with standards like GDPR SOC2 or ISO.
Ensure controls are configured correctly and integrated into the security strategy
Identify and mitigate vulnerabilities ensuring both security and compliance across systems.
Stay updated on security technologies and compliance regulations applying this knowledge to improve our infrastructure.
Works with the engineering team to build secure and compliant software development practices.
Manage application patching and update AWS configurations using Terraform to maintain system integrity and performance.
Work with the team to conduct regular audits to ensure compliance with internal policies and procedures relevant security standards best practices regulations and client requirements to identify gaps and provide remediation solutions.
Staying up to date on the latest AI developments is an added value but not required

Qualifications

Bachelors degree in Computer Science Information Systems Security or a related field.
4 years of experience within a security and compliance function
3 years of experience in GRC (Governance Risk and Compliance) security operations or audits.
Experience with vulnerability management tooling remediation and processes
Experience with Docker Terraform AWS
Understanding of concepts related to Systems Engineering/DevOps IaC IAM network security systems security cryptography privacy
Understanding of compliance frameworks (e.g. GDPR SOC2 ISO) and security best practices.
Strong expertise in cloud security and compliance particularly with AWS.

An understanding of best practices and how to implement them at a business-wide level.

Have a wide understanding of cybersecurity and data protection with frameworks such as SOC 2 ISO 27001 NIST DPDPA or GDPR.
Technical proficiency in scripting (Python Bash PowerShell) and security tools.
Strong understanding of cloud security (AWS Azure etc.).

Critical thinking skills and the ability to solve problems as they arise.
Direct experience with International and National Laws and Requirements.
Knowledge of disaster recovery computer forensic tools technologies and methods around data protection.
Experience planning researching and developing policies standards and procedures to align with companys strategy and best practices.
Experience in NIST 800 series standards and NIST Privacy Framework preferred.

Knowledge of Large Language Models (LLMs) and secure compliant integration.

Ability to communicate identified issues to peers and management.
Analyze systems and seek improvements on a continuous basis.
Deep understanding of how artificial intelligence works is an added value but not required
Attention to detail and concentration

This role is critical for reducing organizational risk while enabling product teams to move quickly without compromising security posture.

Required Skills:

Security Engineer

Required Education:

B.E.

Sr. Security Compliance Engineer ResponsibilitiesEngineering & Implementation: Designing and implementing secure compliant controls within cloud and IT infrastructure often using "policy-as-code".Audit & Risk Management: Conducting internal audits managing third-party risk and providing evidence for...

Sr. Security Compliance Engineer

Responsibilities

Engineering & Implementation: Designing and implementing secure compliant controls within cloud and IT infrastructure often using "policy-as-code".
Audit & Risk Management: Conducting internal audits managing third-party risk and providing evidence for external assessments in alignment with national and international regulations.
Policy & Documentation: Creating managing and enforcing information security policies procedures and technical standards.
Vulnerability Management: Identifying security gaps and driving remediation in partnership with IT DevOps and engineering teams.
Monitoring & Tools: Maintaining continuous monitoring of security controls and utilizing automation to reduce manual audit work.
Implement security measures and compliance controls within our backend systems focusing on cloud environments like AWS and enterprise security.
Collaborate with compliance project managers and corporate IT to adopt new compliance standards integrate them with existing security solutions and collect evidence for external audits.
Enhance data protection conduct risk assessments and ensure systems comply with standards like GDPR SOC2 or ISO.
Ensure controls are configured correctly and integrated into the security strategy
Identify and mitigate vulnerabilities ensuring both security and compliance across systems.
Stay updated on security technologies and compliance regulations applying this knowledge to improve our infrastructure.
Works with the engineering team to build secure and compliant software development practices.
Manage application patching and update AWS configurations using Terraform to maintain system integrity and performance.
Work with the team to conduct regular audits to ensure compliance with internal policies and procedures relevant security standards best practices regulations and client requirements to identify gaps and provide remediation solutions.
Staying up to date on the latest AI developments is an added value but not required

Qualifications

Bachelors degree in Computer Science Information Systems Security or a related field.
4 years of experience within a security and compliance function
3 years of experience in GRC (Governance Risk and Compliance) security operations or audits.
Experience with vulnerability management tooling remediation and processes
Experience with Docker Terraform AWS
Understanding of concepts related to Systems Engineering/DevOps IaC IAM network security systems security cryptography privacy
Understanding of compliance frameworks (e.g. GDPR SOC2 ISO) and security best practices.
Strong expertise in cloud security and compliance particularly with AWS.

An understanding of best practices and how to implement them at a business-wide level.

Have a wide understanding of cybersecurity and data protection with frameworks such as SOC 2 ISO 27001 NIST DPDPA or GDPR.
Technical proficiency in scripting (Python Bash PowerShell) and security tools.
Strong understanding of cloud security (AWS Azure etc.).

Critical thinking skills and the ability to solve problems as they arise.
Direct experience with International and National Laws and Requirements.
Knowledge of disaster recovery computer forensic tools technologies and methods around data protection.
Experience planning researching and developing policies standards and procedures to align with companys strategy and best practices.
Experience in NIST 800 series standards and NIST Privacy Framework preferred.

Knowledge of Large Language Models (LLMs) and secure compliant integration.

Ability to communicate identified issues to peers and management.
Analyze systems and seek improvements on a continuous basis.
Deep understanding of how artificial intelligence works is an added value but not required
Attention to detail and concentration

This role is critical for reducing organizational risk while enabling product teams to move quickly without compromising security posture.

Required Skills:

Security Engineer

Required Education:

B.E.