Job
Description
Role & responsibilities We are seeking a Senior Software Engineer - Security to join our cybersecurity team in our Hyderabad office. In this role, you will be responsible for securing our SaaS applications , implementing security best practices, and ensuring compliance with industry standards. You will work closely with engineering, operations, and compliance teams to enhance our security posture, mitigate threats, and safeguard customer data. Key Responsibilities SaaS Security Architecture: Design, implement, and maintain security controls for SaaS applications, ensuring adherence to industry best practices. Threat Detection & Incident Response: Monitor for security threats, investigate security incidents, and lead response efforts. Vulnerability & Risk Management: Conduct security assessments, penetration testing, and vulnerability management to reduce risk. Cloud Security: Secure cloud-based environments (AWS, Azure, GCP) and enforce cloud security best practices. Access Control & Identity Management: Design and implement robust access control frameworks (RBAC, ABAC, Zero Trust) to protect sensitive assets. Secure Development Practices: Partner with development teams to integrate security into the Software Development Lifecycle (SDLC) . Educate development teams in secure coding practices and collaborate to improve application security. Compliance & Governance: Ensure adherence to security frameworks and regulatory requirements (PCI, SOC 2, NIST, CIS benchmarks). Security Automation & Tooling: Develop and implement automated security solutions for monitoring, compliance, and incident response. Security Awareness & Training: Educate internal teams on security best practices and emerging threats. Qualifications & Experience 5-8 years of experience in cybersecurity, with a focus on securing SaaS applications. Expertise in access control frameworks , including RBAC, ABAC, and Zero Trust principles . Strong experience with software development and secure coding practices in languages such as Python, PHP, JavaScript, .NET or Ruby. Hands-on experience with cloud security tools (Crowdstrike, Cloudflare, Snyk, Burp Suite, etc). Familiarity with security frameworks such as NIST, OWASP, and CIS benchmarks . Strong scripting and automation skills (Python, Bash, or PowerShell). Industry certifications (e.g., CISSP, CEH, AWS Security Specialty, CCSP, OSCP ) are highly desirable. Preferred candidate profile
