Talent.com
This job offer is not available in your country.
Security Engineer

Security Engineer

NexionProChennai
12 days ago
Job description

Key Responsibilities :

  • Perform vulnerability assessments across cloud platforms and workloads using Wiz, Tenable, and SonarQube.
  • Classify vulnerabilities by severity, remediation type (Terraform fix, code refactor, policy update), and level of effort (LOE).
  • Track, manage, and drive remediation efforts to closure, ensuring timely risk reduction.
  • Integrate vulnerability scanning into AWS Image Builder pipelines to deliver hardened AMIs for Windows, Linux, Amazon Linux, and middleware workloads.
  • Define and enforce tagging schemas for traceability, compliance, and reporting across images and container workloads.
  • Develop and implement security policies, procedures, and governance frameworks to enhance organizational security posture.
  • Partner with DevOps and development teams to embed security practices into CI / CD pipelines (GitHub Actions, Spacelift, Jenkins, GitLab CI).
  • Automate workflows for image release notifications, deprecations, and vulnerability alerts.
  • Design and maintain dashboards to track vulnerability aging, adoption, risk trends, and remediation progress.
  • Provide knowledge transfer and training to platform and security teams, promoting long-term adoption of best practices.
  • Ensure license compliance for BYOL workloads (Oracle, WebLogic, etc.).
  • Deliver regular metrics, risk reports, and status updates to leadership and :
  • 5-8 years of experience in security engineering, vulnerability management, and cloud security.
  • Bachelors degree in Computer Science, Information Security, or related field.
  • Proven experience in vulnerability assessment and remediation across AWS workloads.
  • Hands-on expertise with security tools : Tenable, SonarQube, Wiz.
  • Strong knowledge of IaC : Terraform, CloudFormation, Ansible.
  • Experience with CI / CD tools : GitHub Actions, Spacelift, Jenkins, GitLab CI.
  • Familiarity with AWS services : VPC, EC2, IAM, CloudWatch.
  • Scripting proficiency in Shell, PowerShell, and Python.
  • Knowledge of OS hardening frameworks (CIS Benchmarks, DISA STIGs).
  • Strong problem-solving, analytical, and collaboration skills.

Preferred Qualifications :

  • Security or cloud certifications : CISSP, CISM, AWS Certified Security Specialty, or equivalent.
  • Experience with policy-driven enforcement (OPA, AWS Config, SCPs).
  • Familiarity with observability tools : Prometheus, Grafana, ELK stack.
  • Experience securing container workloads (EKS, ECS, Docker).
  • Knowledge of governance and compliance standards : ISO 27001, NIST, SOC2.

    • (ref : hirist.tech)

    Create a job alert for this search

    Security Engineer • Chennai