Business Development Executive

SENIOR INFORMATION SECURITY ENGINEER (DEVSECOPS)

Key Skills: Software Development Life Cycle (SDLC), CI/CD

About Company: Consumer Internet / E-Commerce

Company Size: Mid-Sized

Experience Required: 6 - 10 years

Working Days: 5 days/week

Office Location: Bengaluru [Karnataka]

Review Criteria:

Mandatory:

• Strong DevSecOps profile
• Must have 5+ years of hands-on experience in Information Security, with a primary focus on cloud security across AWS, Azure, and GCP environments.
• Must have strong practical experience working with Cloud Security Posture Management (CSPM) tools such as Prisma Cloud, Wiz, or Orca along with SIEM / IDS / IPS platforms
• Must have proven experience in securing Kubernetes and containerized environments including image security,runtime protection, RBAC, and network policies.
• Must have hands-on experience integrating security within CI/CD pipelines using tools such as Snyk, GitHub Advanced Security,or equivalent security scanning solutions.
• Must have solid understanding of core security domains including network security, encryption, identity and access management key management, and security governance including cloud-native security services like GuardDuty, Azure Security Center etc
• Must have practical experience with Application Security Testing tools including SAST, DAST, and SCA in real production environments
• Must have hands-on experience with security monitoring, incident response, alert investigation, root-cause analysis (RCA), and managing VAPT / penetration testing activities
• Must have experience securing infrastructure-as-code and cloud deployments using Terraform, CloudFormation, ARM, Docker, and Kubernetes
• B2B SaaS Product companies
• Must have working knowledge of globally recognized security frameworks and standards such as ISO 27001, NIST, and CIS with exposure to SOC2, GDPR, or HIPAA compliance environments

Preferred:

• Experience with DevSecOps automation, security-as-code, and policy-as-code implementations
• Exposure to threat intelligence platforms, cloud security monitoring, and proactive threat detection methodologies, including EDR / DLP or vulnerability management tools
• Must demonstrate strong ownership mindset, proactive security-first thinking, and ability to communicate risks in clear business language

Roles & Responsibilities:

We are looking for a Senior Information Security Engineer who can help protect our cloud infrastructure, applications, and data while enabling teams to move fast and build securely.

This role sits deep within our engineering ecosystem. You’ll embed security into how we design, build, deploy, and operate systems—working closely with Cloud, Platform, and Application Engineering teams. You’ll balance proactive security design with hands-on incident response, and help shape a strong, security-first culture across the organization.

If you enjoy solving real-world security problems, working close to systems and code, and influencing how teams build securely at scale, this role is for you.

What You’ll Do-

Cloud & Infrastructure Security:

• Design, implement, and operate cloud-native security controls across AWS, Azure, GCP, and Oracle.
• Strengthen IAM, network security, and cloud posture using services like GuardDuty, Azure Security Center and others.
• Partner with platform teams to secure VPCs, security groups, and cloud access patterns.

Application & DevSecOps Security:

• Embed security into the SDLC through threat modeling, secure code reviews, and security-by-design practices.
• Integrate SAST, DAST, and SCA tools into CI/CD pipelines.
• Secure infrastructure-as-code and containerized workloads using Terraform, CloudFormation, ARM, Docker, and Kubernetes.

Security Monitoring & Incident Response:

• Monitor security alerts and investigate potential threats across cloud and application layers.
• Lead or support incident response efforts, root-cause analysis, and corrective actions.
• Plan and execute VAPT and penetration testing engagements (internal and external), track remediation, and validate fixes.
• Conduct red teaming activities and tabletop exercises to test detection, response readiness, and cross-team coordination.
• Continuously improve detection, response, and testing maturity.

Security Tools & Platforms:

• Manage and optimize security tooling including firewalls, SIEM, EDR, DLP, IDS/IPS, CSPM, and vulnerability management platforms.
• Ensure tools are well-integrated, actionable, and aligned with operational needs.

Compliance, Governance & Awareness:

• Support compliance with industry standards and frameworks such as SOC2, HIPAA, ISO 27001, NIST, CIS, and GDPR.
• Promote secure engineering practices through training, documentation, and ongoing awareness programs.
• Act as a trusted security advisor to engineering and product teams.

Continuous Improvement:

• Stay ahead of emerging threats, cloud vulnerabilities, and evolving security best practices.
• Continuously raise the bar on a company's security posture through automation and process improvement.

Endpoint Security (Secondary Scope):

• Provide guidance on endpoint security tooling such as SentinelOne and Microsoft Defender when required.

Ideal Candidate:

• Strong hands-on experience in cloud security across AWS and Azure.
• Practical exposure to CSPM tools (e.g., Prisma Cloud, Wiz, Orca) and SIEM / IDS / IPS platforms.
• Experience securing containerized and Kubernetes-based environments.
• Familiarity with CI/CD security integrations (e.g., Snyk, GitHub Advanced Security, or similar).
• Solid understanding of network security, encryption, identity, and access management.
• Experience with application security testing tools (SAST, DAST, SCA).
• Working knowledge of security frameworks and standards such as ISO 27001, NIST, and CIS.
• Strong analytical, troubleshooting, and problem-solving skills.

Nice to Have:

• Experience with DevSecOps automation and security-as-code practices.
• Exposure to threat intelligence and cloud security monitoring solutions.
• Familiarity with incident response frameworks and forensic analysis.
• Security certifications such as CISSP, CISM, CCSP, or CompTIA Security+.

Perks, Benefits and Work Culture:

A wholesome opportunity in a fast-paced environment that will enable you to juggle between concepts, yet maintain the quality of content, interact and share your ideas and have loads of learning while at work. Work with a team of highly talented young professionals and enjoy the comprehensive benefits that company offers.

Headless Development: Lead the frontend development of our Shopify app, including

building new features, revamping existing functionalities, and optimising performance.

User Interface Design: Collaborate with the design team to implement responsive,

pixel-perfect UI components that align with our brand’s aesthetic and provide an intuitive

user experience.

Custom Theme Development: Create and customise Shopify themes to enhance the

visual appeal and functionality of our online store, ensuring compatibility with various

devices and browsers.

Integration and API Management: Work with third-party APIs and Shopify's API to integrate

necessary functionalities, such as payment gateways, shipping solutions, and marketing

tools.

Performance Optimization: Continuously monitor and improve the app’s performance,

ensuring fast load times, seamless navigation, and a smooth user experience.

Collaboration: Work closely with cross-functional teams, including backend developers,

designers, marketers, and product managers, to deliver high-quality solutions on time.

Code Review and Best Practices: Maintain clean, modular, and reusable code. Participate

in code reviews and ensure adherence to best practices in frontend development.

Troubleshooting and Debugging: Identify and resolve issues, bugs, and performance

bottlenecks in a timely manner to ensure a seamless user experience.

Documentation: Create and maintain comprehensive documentation for code, processes,

and development workflows.

Dot Net Developer

Location: Remote

Experience required: 2-15 years

Roles and Responsibilities:

In this role, you will be responsible for designing and developing enterprise-grade applications. As a member of the team, you will be expected to take ownership of individual platform components.

Key responsibilities include:

• Developing back-end web app applications.

• Creating servers and databases for functionality.

• Test and debug various applications

• Review and refactor code

• Designing and developing APIs.

• Strong understanding of relational databases

Basic Technical Qualifications

• 2+ years experience in building out enterprise-grade applications

Must have strong hands-on development experience in the following:

• .net framework (c#)

• .net core

• Exposing and consuming JSON-based RESTful services

• MongoDB, SQL

• Oops Concepts

• Troubleshooting abilities

• Experience with unit testing

• Familiarity with Agile methodologies

• Experience in the end-to-end release of highly reliable applications including development

• and testing

• Bachelor’s degree or equivalent in Computer Science/Software Engineering (or related fields).

Soft Skills

• Strong work ethic and dedication

• An aptitude and interest in both technology and business

• Excellent written and verbal communication skills are a must.

• Highly motivated and interested in following up on detailed business or technical issues

• and understanding the functional and technical impact of any change

• Willingness to take initiative and work independently

6+ years’ experience in Azure architecture, Azure Data Services, design and development. Significant experience as DW architect on several initiatives. • Rich Data/Dimensional modeling expertise • Expert knowledge of Azure tools and services centered around data and analytics (Azure Synapse, Data Lake, Data Factory etc.) • Experience designing and building complete ETL processes moving and transforming data from ODS, Staging and Data Warehousing, cloud and hybrid. Education and Experience: • Bachelor’s Degree in computer science or related field required. • 10 or more years’ experience managing and designing systems in an enterprise infrastructure environment required.

• Essentail Skills:
• Docker
• Jenkins
• Python dependency management using conda and pip

• Base Linux System Commands, Scripting
• Docker Container Build & Testing
• Common knowledge of minimizing container size and layers
• Inspecting containers for un-used / underutilized systems
• Multiple Linux OS support for virtual system

• Has experience as a user of jupyter / jupyter lab to test and fix usability issues in workbenches
• Templating out various configurations for different use cases (we use Python Jinja2 but are open to other languages / libraries)
• Jenkins PIpeline
• Github API Understanding to trigger builds, tags, releases
• Artifactory Experience
• Nice to have: Kubernetes, ArgoCD, other deployment automation tool sets (DevOps)

Be part of Floatr's Founding Team Member. As a Tech Sr/Lead developer at this early stage you will get opportunity to work as well as shape up the product to a world class AI driven tech solution. Opportunity to learn, drive, mentor and be part of the success. An attractive stock options plan will ensure you are well rewarded for your contribution.

A strong candidate for this role will be responsible for all aspects of mobile and web development, and expected to work closely with the team to shape and evolve our core products. You will be encouraged to come up with innovative ideas to help build a robust solution.

Key Responsibilities

• Develop high-performance, scalable software for mobile and the server-side to deliver interfaces and APIs.
• Work with team to prioritise, scope, and deliver on key initiatives and features

Requirements

• 5+ years’ experience in Hybrid Mobile App development
• Expert in React Native & NodeJs development
• Web fundamentals like HTML, JavaScript, and CSS
• Skilled in Database technologies like MySQL, NoSQL and Postgres
• Excellent analytical and problem solving skills
• Willing to work from office in Bangalore (HSR Layout)

What you need to have: