About Xeo Software At Xeo, we build enterprise-grade software with a focus on performance, reliability, and scalability. We're expanding our presence in India and seeking a security expert to help us raise the bar by securing our infrastructure, applications, and deployment pipelines from the ground up. If you're the kind of engineer who can walk into a system, spot weaknesses before attackers do, and harden environments without being told what tool to use we'd like to meet you. Our Core Values Come First At Xeo Software, we believe skills can be taught, but values must be shared. To thrive here, you must not only be technically strong you must live out the principles that define how we work together and with our clients. Two-Way Candor We speak directly and respectfully, even when conversations are hard. We invite honest feedback and give it in return, knowing it strengthens trust and outcomes. Excellence & Professionalism We take pride in doing things right the first time. That means going beyond good enough polishing details, documenting solutions, and holding ourselves to the highest standard. Continuous Learning Technology evolves fast, and so do we. We actively seek out new tools, share knowledge with teammates, and integrate innovations that drive better results. Loyalty to Team & Clients We succeed together. We support one another, assume good intent, and show the same loyalty to our clients that we do to our coworkers. If these values resonate with you, you'll feel at home here. If not, no matter your technical skills, this isn't the right place for you. Role Overview We're hiring a Senior Security Engineer to own the technical security posture of our Microsoft-based environment. You'll work independently, reporting to our India operations manager, and partner closely with engineering to ensure that Xeo's systems are locked down, monitored, and audit-ready for SOC 2 compliance. Your first major success milestone will be a clean external penetration test within six months validating that your controls, configurations, and processes work under pressure. Key Responsibilities Secure our infrastructure : Harden Windows servers, VMware environments, FortiGate firewalls, and Microsoft-stack applications. Integrate security into DevOps : Embed security checks into CI/CD pipelines (DevSecOps), automate vulnerability scanning, and enforce least-privilege access. Threat detection & monitoring : Deploy and manage SIEM, IDS/IPS, and endpoint protection tools; tune alerts and response playbooks. Vulnerability management : Conduct continuous assessment, patching, and configuration audits across systems and applications. SOC 2 readiness : Implement and maintain technical controls required for certification, collaborating with external auditors as needed. Policy foundation : Define practical security standards and technical baselines (system hardening, password policies, patch cadence, etc.). Advisory leadership : Serve as the organization's primary voice for infrastructure and application security, guiding engineers and management. Required Skills & Experience 7+ years of experience in cybersecurity or systems security engineering , with at least 3 years in a Microsoft-centric environment . Deep expertise in Windows Server , Active Directory , VMware , FortiGate firewalls , and Azure or Microsoft 365 ecosystems. Proven experience integrating DevSecOps practices into CI/CD pipelines (e.g., Azure DevOps, GitHub Actions, Jenkins). Hands-on proficiency with threat detection tools , vulnerability scanners , and endpoint protection suites. Working knowledge of SOC 2 or similar frameworks (ISO 27001, NIST 800-53). Strong understanding of network segmentation, identity management, encryption , and secure application deployment . Experience conducting or preparing for external penetration testing engagements. Excellent documentation and communication skills able to explain complex risk and remediation paths clearly. Preferred Qualifications Relevant certifications: CISSP , OSCP , CEH , AZ-500 , or MS-500 . Experience in security automation (PowerShell, Python, Terraform, etc.). Prior work in a product engineering company or security consultancy environment. Why Join Xeo Autonomy and ownership: You'll set the direction for Xeo's technical security from day one. Visible impact: Your work will be benchmarked against independent security validation (pen tests, SOC 2). Collaborative, engineering-first culture: We value clean design, smart automation, and technical excellence. Growth opportunity: Be the founding member of our India security operations with potential to build a team.
About Xeo Software We're a boutique software firm that builds custom software to help businesses scale. As part of our next chapter, we are adding AI-driven solutions that improve efficiency and automation. We're seeking someone who can take today's best AI tools and frameworks and put them into action for our clients. Our Core Values Come First At Xeo Software, we believe skills can be taught, but values must be shared. To thrive here, you must not only be technically strong you must live out the principles that define how we work together and with our clients. Two-Way Candor We speak directly and respectfully, even when conversations are hard. We invite honest feedback and give it in return, knowing it strengthens trust and outcomes. Excellence & Professionalism We take pride in doing things right the first time. That means going beyond good enough polishing details, documenting solutions, and holding ourselves to the highest standard. Continuous Learning Technology evolves fast, and so do we. We actively seek out new tools, share knowledge with teammates, and integrate innovations that drive better results. Loyalty to Team & Clients We succeed together. We support one another, assume good intent, and show the same loyalty to our clients that we do to our coworkers. If these values resonate with you, you'll feel at home here. If not, no matter your technical skills, this isn't the right place for you. Role Overview We are seeking a highly skilled Senior Automated Test Engineer to lead the design, development, and integration of automated testing frameworks within our CI/CD pipeline. The ideal candidate will bring strong expertise in Selenium (or any other competitive software) and Python, ensuring the scalability, reliability, and efficiency of automated testing practices. This role is pivotal in driving our shift-left testing strategy, improving product quality, and accelerating delivery cycles. Key Responsibilities Automation Framework Development: Design, implement, and maintain robust automated test frameworks using Selenium and Python. CI/CD Integration: Integrate automated tests into our CI/CD pipeline (e.g., Jenkins, GitLab CI, GitHub Actions, or Azure DevOps) to enable continuous validation of software builds. Test Strategy & Execution: Develop test strategies covering functional, regression, integration, and end-to-end testing. Collaboration: Partner with developers, DevOps, and QA teams to define quality standards and ensure test automation aligns with business goals. Code Quality & Best Practices: Apply clean coding principles, maintain reusable test scripts, and enforce automation best practices. Defect Analysis: Investigate test failures, perform root cause analysis, and collaborate with engineering teams to resolve issues. Mentorship: Provide guidance and mentorship to junior QA engineers in automation tools, scripting, and best practices. Innovation: Continuously evaluate emerging testing tools, frameworks, and approaches to improve efficiency and coverage. Required Skills & Experience Strong Proficiency in Selenium: Proven hands-on experience creating and executing automated UI tests. Advanced Python Knowledge: Expertise in writing scalable test scripts, leveraging Python libraries (e.g., PyTest, Unittest, Behave). CI/CD Experience: Demonstrated ability to integrate and manage test suites within pipelines (e.g. Jenkins, GitHub Actions, GitLab, Azure DevOps). Testing Types: Deep understanding of regression, smoke, functional, API, and cross-browser testing. Version Control: Experience with Git-based workflows. Cloud & Container Knowledge (nice-to-have): Familiarity with Docker, Kubernetes, or cloud testing platforms (e.g. Sauce Labs, BrowserStack). Analytical Skills: Strong problem-solving and debugging capabilities. Communication Skills: Excellent written and verbal communication to work effectively across teams. Preferred Qualifications Exposure to BDD frameworks such as Cucumber or Behave. Experience with API testing tools (Postman, REST Assured, or similar). Knowledge of performance testing tools (e.g., JMeter, Locust). Experience with test data management and test environment setup. Why Join Xeo Opportunity to influence and shape the test automation strategy across the engineering organization. Collaborative, innovation-driven environment. Growth opportunities in leadership and advanced automation practices. Competitive compensation and benefits package.