Talent.com
Principal Security Engineer

Principal Security Engineer

Forbes AdvisorChennai, Tamil Nadu, India
30+ days ago
Job description

Job Description

We are looking for a Principal Security Engineer to join our organization. The ideal candidate will have strong hands-on experience in ensuring robust security controls across both applications and organizational data. This candidate is expected to work closely with multiple stakeholders to architect implement and monitor effective safeguards. The ideal candidate will champion secure design conduct risk assessments drive vulnerability management and promote data protection best practices for the organization

Responsibilities

  • Design and implement security measures for website and API applications.
  • Conduct security-first code reviews vulnerability assessments and posture audits for business-critical applications.
  • Conduct security testing activities like SAST & DAST by integrating them within the projects CI / CD pipelines and development workflows.
  • Manage all penetration testing activities including working with external vendors for security certification of business-critical applications.
  • Develop and manage data protection policies and RBAC controls for sensitive organizational data like PII revenue secrets etc.
  • Oversee encryption key management and secure data storage solutions.
  • Monitor threats and responds to incidents involving application and data breaches.
  • Collaborate with engineering data product and compliance teams to achieve security-by-design principles.
  • Ensure compliance with regulatory standards (GDPR HIPAA etc.) and internal organizational policies.
  • Automate recurrent security tasks using scripts and security tools.
  • Maintain documentation around data flows application architectures and security controls.

Requirements

  • 10 years experience in application security and / or data security engineering.
  • Strong understanding of security concepts including zero trust architecture threat modeling security frameworks (like SOC 2 ISO 27001) and best practices in corporate security environments.
  • Strong knowledge of modern web / mobile application architectures and common vulnerabilities (like OWASP Top 10 etc.)
  • Proficiency in secure coding practices and code reviews for major programming languages including Python JavaScript Typescript React etc.
  • Hands-on experience in at-least two Software tooling in areas of vulnerability scanning and static / dynamic analysis. Software tooling can include  Checkmarx Veracode SonarQube Burp Suite AppScan etc.
  • Advanced understanding of data encryption key management and secure storage (SQL NoSQL Cloud) and secure transfer mechanisms.
  • Working experience in Cloud Environments like AWS & GCP and familiarity with the recommended security best practices.
  • Familiarity with regulatory frameworks such as GDPR HIPAA PCI DSS and the controls needed to implement them.
  • Experience integrating security into DevOps / CI / CD processes.
  • Hands-on Experience with automation in any of the scripting languages (Python Bash etc.)
  • Ability to conduct incident response and forensic investigations related to application / data breaches.
  • Excellent communication and documentation skills.

    • Good To have :

  • Cloud Security certifications in either one of the below

    • AWS Certified Security Specialty

  • GCP Professional Cloud Security
  • Experience with container security (Docker Kubernetes) and cloud security tools (AWS Azure GCP).
  • Experience in safeguard data storage solutions like GCP GCS BigQuery etc.
  • Hands-on work with any SIEM / SOC platforms for monitoring and alerting.
  • Knowledge of data loss prevention (DLP) solutions and IAM (identity and access management) systems.

    • Perks :

    Day off on the 3rd Friday of every month (one long weekend each month)

    Monthly Wellness Reimbursement Program to promote health well-being

    Monthly Office Commutation Reimbursement Program

    Paid paternity and maternity leaves

    Qualifications :

    Bachelors or Masters degree in Computer Science Engineering or a related field.

    Remote Work : No

    Employment Type : Full-time

    Key Skills

    Design,Academics,AutoCAD 3D,Cafe,Fabrication,Java

    Department / Functional Area : Engineering

    Experience : years

    Vacancy : 1

    Create a job alert for this search

    Principal Engineer • Chennai, Tamil Nadu, India