951 Security Engineer jobs in India

Signzy is a digital trust system. We provide identification, background checks, forgery detection

and contract management systems which enable contracting in a trustable, safe, legal, and

convenient manner. Our biometric user authentication system and blockchain-based digital trail

ensure non-repudiation. This increases compliance and enforceability in the court of law. We

consist of a tech-savvy team and are backed by investors who are enthusiastic about creating

solutions with technology.

Working at Signzy

● At Signzy we breathe software and exploit the latest technologies to create the most

amazing products. We comprise a tech-savvy team and are backed by investors who are

enthusiastic about creating solutions using technology.

● Signzy is looking for an Security Engineer . If you think you have what it

takes to get the job done, this is an invitation to be a part of the future!

JD for Security Engineer-1 Role

Responsibilities:

Application Security

• Perform secure code reviews , threat modeling, and static/dynamic application security testing (SAST/DAST).
• Integrate and maintain automated scanning tools (e.g., Semgrep, Snyk, Trivy, Gitleaks) in CI/CD pipelines.
• Collaborate with developers to remediate vulnerabilities and embed security in SDLC.
• Guide on secure architecture patterns (authentication, authorization, data encryption, API security, mobile app protections like SSL pinning and mTLS).

Infrastructure & Cloud Security

• Harden cloud infrastructure (AWS/GCP/Azure), including IAM, VPC design, encryption, and network segmentation.
• Implement infrastructure-as-code security checks for Terraform, Helm, and Kubernetes deployments.
• Conduct internal and external penetration tests , configuration reviews, and vulnerability management for servers, containers, and endpoints.
• Support continuous monitoring (WAF, SIEM, EDR/MDM) and incident response

Security Assessments & Compliance

• Lead periodic security assessments : vulnerability assessments, penetration testing, firewall rule reviews, user-access audits, and network segmentation reviews.
• Document findings, track remediation, and provide risk-based recommendations.
• Assist with evidence gathering for ISO 27001, SOC 2, PCI-DSS, GDPR, and internal security audits.

Continuous Improvement

• Research emerging threats (e.g., supply-chain attacks, npm/package ecosystem risks) and recommend mitigations.
• Contribute to security runbooks, policies, and developer awareness sessions.

Qualification

Must Have

• 2–4 years of experience in application or infrastructure security engineering.
• Strong understanding of web/mobile security, OWASP Top 10, cloud security fundamentals, and Linux/Unix systems.
• Hands-on experience with CI/CD pipelines and common security tools (SAST, DAST, container scanners, SIEM/EDR).
• Hands-on with SAST/DAST tools (e.g., Burp Suite, OWASP ZAP, Semgrep, Fortify)
• Knowledge of network & OS hardening (Linux, cloud workloads).
• Experience with internal and external penetration testing methodologies.
• Familiarity with common tools: Nmap, Metasploit etc.,
• Hands on experience with Mobile application security testing (Android and iOS)
• Familiarity with threat modeling frameworks (STRIDE, MITRE ATT&CK) and SBOM management.
• Scripting or programming skills (Python, Go, Bash) for automation and custom tooling.
• Should have fundamental knowledge of cloud environments
• Security-first mindset with curiosity and analytical thinking.
• Ability to review firewall rules, ACLs, and security groups for least-privilege.
• Understanding of network segmentation and zero-trust principles.
• Ability to translate complex vulnerabilities into actionable, developer-friendly guidance.
• Collaborative approach to working with engineering, DevOps, and compliance teams.
• Strong reporting & documentation skills (writing assessment reports).
• Knowledge of security standards (ISO 27001, NIST 800-53, CIS Benchmarks).

Good to Have

• Container & K8s Security : Familiarity with Trivy, Falco, Kubescape, Kyverno.
• IaC Security : Experience with Terraform/CloudFormation scanning (Checkov, Tfsec).
• DevSecOps Integration: Embedding security tests into CI/CD (GitLab, GitHub Actions, Jenkins).
• Advanced API Security : Hands-on with API gateways (Kong, Apigee, AWS API Gateway) and WAF tuning.
• Cloud-Native Security : Experience with GuardDuty, Security Hub, AWS Config, GCP SCC.
• Emerging Areas : AI/ML model security.
• Certifications (good-to-have, not must) : OSCP or Cloud Security certs (AWS Security Specialty).

Are you an Active Directory specialist with a security mentality? We are looking for a support specialist to work within a team operating within a 24/7 service, who are responsible for maintaining users and group accounts within Active Directory (AD) to ensure optimal performance, security, and access control within our organization's network through industry standard consoles including PowerShell. You should be experienced in modifying, and deleting user and group accounts, managing permissions and access rights, troubleshooting issues, and ensuring compliance with company policies and industry benchmarks.

The Global Security Access Control (GSAC) team is responsible for maintaining users and group accounts within Active Directory (AD) to ensure optimal performance, security, and access control within our organisation's network through various industry standard consoles including PowerShell. This involves crafting, modifying, and deleting user and group accounts, managing permissions and access rights, troubleshooting issues, and ensuring compliance with company policies and industry benchmark.

Role summary:

We are looking for a Security Engineer who will perform administrative tasks relating to the design, implementation and maintenance within the AD, to protect LSEG.

Key responsibilities and skills required for this role:

• The Security Engineer will contribute to the effective operation of the GSAC processes by accepting ownership of service requests for support and to ensure they are resolved to the customer's satisfaction within agreed service levels, promoting customer confidence and satisfaction
• Work within the GSAC team on a shift pattern which includes a 24/7/365 Rota.
• Accept requests for support by telephone, email and the ServiceNow system.
• Performing all relevant Security and Access control requests in a timely fashion whilst maintaining accuracy
• Record every request for support, ensuring these records meet published support and Incident Management guidelines.
• Assess the impact of each request and take appropriate action.
• Assign requests to appropriate internal or third-party support groups where required
• Proactively monitor the progress of each request and escalate where required.
• Inform customers of the status and progress of their requests regularly via ticket updates
• Ensure incident records are updated regularly with events and action plans
• Ensure customers are satisfied before resolving their requests
• Maintain the GSAC documentation and knowledge bases
• Assist and help in the identification of problems
• Undertake any other duties as may be required by LSEG management on an ad-hoc basis
• Understanding of the ITIL / ITSM methodologies
• Good understanding of Microsoft Windows core technologies is essential.

What you'll be doing:

• User

Join our Team
About this opportunity:
We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices.

What you will do:

• Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations.
• Create, tune, and maintain detection rules and dashboards
• Investigate and respond to security incidents and alerts
• Participate in security audits, threat hunting, and compliance checks
• Research emerging threats and enhance detection capabilities
• Support configuration management, system hardening, and network defense strategies
• Collaborate across teams to improve security operations and automation

The skills you bring:

• Strong hands-on experience with SIEM platforms & SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations
• Deep understanding of security operations, incident response, and network/system security
• Experience with scanning tools (e.g., Nessus, Qualys) and PAM solutions (e.g., CyberArk, BeyondTrust)
• Solid knowledge of Linux/Windows environments and enterprise networksFamiliar with encryption, security controls, and system hardening best practices
• Excellent analytical, troubleshooting, and communication skills

Preferred:

• Security certifications (e.g., CEH, CISSP, GCIA, GCIH)
• Experience in automation and scripting for SOC workflows
• Willingness to participate in on-call support rotation

Why join Ericsson?
At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´ possible. To build solutions never seen before to some of the world's toughest problems. You l be challenged, but you won't be alone. You l be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next.

What happens once you apply?
Click Here to find all you need to know about what our typical hiring process looks like.

Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more.

Primary country and city:
India (IN) | Noida

Req ID:

Join a team using leading edge security technology and processes to protect the F5 enterprise and product environment. The Security Engineer position will execute strategic processes and implement technical solutions to enable our information security program and address day-to-day security challenges amidst the industrys evolving technology landscape.

Primary Responsibilities

• Build and implement new security controls, processes and tools.
• Identify organizational risks to confidentiality, integrity, and availability, and determine appropriate mitigations.
• Leverage native Azure, GCP, and AWS cloud services to automate and improve existing security and control activities.
• Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats.
• Perform technical security assessments against product and enterprise cloud hosted, virtual, and on-premise systems including static and dynamic analysis, and threat modeling.
• Review and test changes to services, applications, and networks for potential security impacts.
• Collaborate with Architecture, Site Reliability Engineering and Operations teams to develop and implement technical solutions and security standards.
• Stay abreast on security best practices and secure design principles.
• Review changes to and ongoing operations of enterpise environments and supporting systems for security and compliance impacts.
• Assist in incident detection and response efforts.
• Implement zero-trust patterns with cloud agnostic tools to support enterprise business units.
• Implement, design, develop, administer, and manage enterprise security tooling.

Knowledge, Skills and Abilities

• Experience working with high-availability enterprise production environments
• Familiarity with scripting languages (e.g., (Go, Python, Ruby, Rust,etc.). and building scripts for process improvements
• Experience automating security testing and reporting outputs
• Technical knowledge and hands-on experience with security and networking security, basic networking protocols, cloud security, network security design, intrusion prevention/detection, and firewall architecture
• Experience assessing and implementing technical security controls
• Willingness to innovate and learn new technologies
• Excellent interpersonal and relationship skills with a collaborative mindset
• Knowledge or familiarity with technological stack (Big-IP, Azure, AWS, GCP, CentOS, Hashicorp Vault, Palo Alto, Qualys).
• Experience with network and application vulnerability and penetration testing tools.
• Baseline competency in administration of Microsoft Azure Cloud, Amazon Web Services (AWS), Google Cloud Platform (GCP) or equivalent public cloud infrastructure.
• Exposure to DevOps tooling, CI/CD pipelines, container orchestration, and infrastructure as code approach (e.g. Puppet, Chef, Ansible, Terraform, Jenkins, CircleCI, Artifactory, Git)
• Strong written and verbal communication skills.
• Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism.
• Agile, tactful, and proactive attitude that can manage prioritization and know when to escalate.

Qualifications

• B.S. or M.S. in Computer Science, Engineering, or related field, or equivalent experience.
• 3+ years of relevant security and networking experience

Key Responsibilities

• Perform vulnerability assessments across cloud platforms and workloads using Wiz, Tenable, and SonarQube.
• Classify vulnerabilities by severity, remediation type (Terraform fix, code refactor, policy update), and level of effort (LOE).
• Track, manage, and drive remediation efforts to closure, ensuring timely risk reduction.
• Integrate vulnerability scanning into AWS Image Builder pipelines to deliver hardened AMIs for Windows, Linux, Amazon Linux, and middleware workloads.
• Define and enforce tagging schemas for traceability, compliance, and reporting across images and container workloads.
• Develop and implement security policies, procedures, and governance frameworks to enhance organizational security posture.
• Partner with DevOps and development teams to embed security practices into CI/CD pipelines (GitHub Actions, Spacelift, Jenkins, GitLab CI).
• Automate workflows for image release notifications, deprecations, and vulnerability alerts.
• Design and maintain dashboards to track vulnerability aging, adoption, risk trends, and remediation progress.
• Provide knowledge

About the Role:

Drive security excellence across our technology stack whilst enabling business innovation. This role demands a generalist mindset with deep expertise, combining hands-on technical capability with strategic thinking to protect and enable Quantium's data-driven business.

Key Responsibilities:

• Security Platform Ownership: end-to-end responsibility for critical security platforms
• Detection and Response: real-time monitoring of security systems and applications, investigating anomalies, and escalating critical events to senior security and IT staff
• Risk-based decision making: independently assess, prioritise and remediate security risks aligned to business impact
• Cross-domain security: impact across multiple domains such as cloud security, application security, infrastructure security initiatives, detection and response etc.
• Collaborate: Partner with internal stakeholders to improve security outcomes, as well as with internal development teams to build pragmatic security solutions
• Drive automation of repetitive security tasks
• Show strong ownership of security issues and work to resolve and escalate where needed
• Contribute to security strategy and roadmap development

Experience, Education & Skills:

• Demonstrated experience across at least 3 security domains (network, cloud, application, identity, AI, offensive, defensive, response, forensics etc.)
• Five years of experience in cybersecurity
• Track record of owning security outcomes end-to-end
• Experience translating technical risks into business language
• Provide ability to influence without authority
• Technical breadth
• Ownership mindset

The Following Skills and Experience Would Be an Advantage:

• Experience with AI Security practices and securing AI/ML systems
• Experience with Shift Left Security practices, including secure coding, DevSecOps, and security integration in CI/CD pipelines
• Experience with Cloud (Azure, GCP, AWS) Security configuration, and monitoring
• Experience with CSPM and CNAPP tools and methodologies
• Using tools like Terraform, Azure ARM templates, or GCP Deployment Manager

What Does Success Look Like?

• Drive measurable security risk reduction
• Proactive identification of issues and continuous improvement of security capabilities
• Help build a strong security culture
• Ensure operational excellence

Key People and Leadership Capabilities:

1. Self-aware - you leverage diversity across people, tasks, and projects, taking responsibility for self and others.

2. Agile and innovative - you possess strong lateral thinking skills.

3. Achieve and perform - you have exceptional execution skills and are achievement focused.

4. Purposeful and aligned - you can set clear, tangible objectives which deliver against your performance objectives.

5. Achievement oriented - you effectively facilitate challenging performance related conversations in a timely and appropriate manner.

Project Role :
Security Engineer

Project Role Description :
Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.

Must have skills :
Product Security

Good to have skills :
NA

Minimum 3 Year(s) Of Experience Is Required
Educational Qualification :
15 years full time education

Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to assess security risks, implementing protective measures, and ensuring compliance with security policies. You will engage in proactive monitoring of systems and respond to potential threats, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Conduct regular security assessments and audits to identify vulnerabilities. - Develop and implement security policies and procedures to enhance organizational security. Professional & Technical Skills: - Must To Have Skills: Proficiency in Product Security. - Good To Have Skills: Experience with threat modeling and risk assessment. - Strong understanding of security frameworks and compliance standards. - Experience with security tools and technologies for monitoring and incident response. - Knowledge of secure coding practices and application security testing. Additional Information: - The candidate should have minimum 3 years of experience in Product Security. - This position is based at our Hyderabad office. - A 15 years full time education is required.

Role: The Security Operations (SOC) - Engineer is responsible for monitoring the environment, identifying, reporting, and responding to security threats that put the organization at risk. The primary function of this position is to monitor the security tools and perform alert management and initial incident qualification.

Job Description

• Acknowledge, analyze, and validate incidents triggered from multiple security tools like IDS/IPS, Web Application Firewall, Firewalls, Endpoint Detection & Response tools, and events through SIEM solution

• Acknowledge, analyze, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.

• Collection of necessary logs that could help in the incident containment and security investigation

• Escalate validated and confirmed incidents to Security administrators

• Undertake first stages of false positive and false negative analysis

• Understand the structure and the meaning of logs from different log sources such as FW, IDS/IPS, WAF, Windows DC, Cloudflare, AV and antimalware software, O365 email security etc.

• Open incidents in ticketing platform to report the alarms triggered or threats detected.

• Track and update incidents and requests based on updates and analysis results

• Report infrastructure issues to the IMS Team

• Working with vendors to work on security issues.

• Perform other duties as assigned

Skills:

• Strong security knowledge

• Should have expertise on TCP/IP network traffic and event log analysis

• Experience with Linux, Windows and Network Operating Systems required.

• Knowledge and hands-on experience in management of IDS/IPS, Firewall, VPN, and other security products

• Experience in Security Information Event Management (SIEM) tools, creation of basic co-relation rules, and administration of SIEM

• Knowledge and hands-on experience in Log management & Endpoint detection and response tools

• Knowledge of ITIL disciplines such as Incident, Problem and Change Management

• Strong interpersonal skills including excellent written/verbal communication skills

Interview Process:

• Technical Interview
• HRBP Interview

Consent: Consent: we will use your resume for current full-time job openings with us and retain it for future opportunities