Department: Engineering
Job posted on: Nov 21, 2025
Employment type
Head Office
About the Role
We are looking for a Security Engineer II who will play a pivotal role in strengthening our security posture, maintaining security best practices across the organisation, and leading end-to-end information security compliance initiatives. This role demands a strong blend of technical security expertise and deep understanding of compliance frameworks, along with the ability to drive, coordinate, and close compliance audits with internal and external stakeholders.
You will work closely with engineering, SRE, product, compliance, and leadership teams to ensure the organisation consistently meets industry-leading security standards.
Key Responsibilities:
Security Governance & Best Practices
Define, implement, and maintain security best practices across infrastructure, applications, networks, and development workflows.
Conduct security reviews for new and existing services, including architecture assessments and secure design recommendations.
Own and improve security hardening across cloud environments, including IAM, encryption, secrets management, network segmentation, data protection, and monitoring.
Collaborate with engineering teams to ensure secure SDLC, including threat modelling, code scanning, dependency checks, and configuration reviews.
Maintain and continuously improve organisation-wide security policies, SOPs, and guidelines.
Compliance & Audit Leadership
Lead and manage all infosec compliance audits, including internal audits and external audits such as ISO 27001, PCI-DSS, RBI/industry-specific guidelines, and other regulatory assessments.
Coordinate with auditors, internal teams, and leadership to ensure timely evidence collection, gap remediation, and audit closure.
Maintain compliance documentation, controls library, and audit artefacts with high accuracy.
Monitor compliance posture, track control effectiveness, and drive continuous improvement initiatives across the organisation.
Ensure enterprise adherence to policies, regulatory expectations, risk controls, and customer commitments.
Risk Management & Security Operations
Identify and assess information security risks, propose mitigation strategies, and track closure timelines.
Run periodic
and configuration compliance checks.
Participate in incident response, including investigation, RCA, and preventive controls implementation.
Drive continuous security posture improvement through automation, tooling, training, and proactive monitoring.
Qualifications & Skills
Must-Have
2-5 years of experience in Information Security, with strong exposure to security governance, compliance, and audit management.
Hands-on experience with security frameworks such as ISO 27001, SOC 2, NIST CSF, PCI-DSS, or cloud-security benchmarks (CIS, AWS Well-Architected Security Pillar).
Strong understanding of cloud security (AWS/GCP), identity & access management, data protection, secure network architecture, and secrets management.
Ability to manage external auditors and internal stakeholders with clarity and ownership.
Excellent documentation, communication, and cross-functional collaboration skills.
Good-to-Have
Experience working with fintech organisations or regulated sectors.
Knowledge of DevSecOps tooling: SAST, SCA, DAST, IaC scanning, runtime protection, security monitoring.
Relevant certifications (e.g., ISO 27001 LA/LI, SOC 2, CEH, Security+, CISSP Associate).
What You'll Bring
High ownership mindset with ability to lead compliance programs end-to-end.
Passion for building a secure, compliant, and audit-ready organisation.
Ability to balance practicality with security rigour and influence teams toward secure behaviours.
Why Join Us?
Opportunity to shape and scale the organisation's security and compliance posture.
Work closely with engineering and leadership teams to define foundational security practices.
Fast-paced, high-impact role in a rapidly growing environment.