11+ NIST SP 800 Series Jobs in Bangalore (Bengaluru) | NIST SP 800 Series Job openings in Bangalore (Bengaluru)

SENIOR INFORMATION SECURITY ENGINEER (DEVSECOPS)

Key Skills: Software Development Life Cycle (SDLC), CI/CD

About Company: Consumer Internet / E-Commerce

Company Size: Mid-Sized

Experience Required: 6 - 10 years

Working Days: 5 days/week

Office Location: Bengaluru [Karnataka]

Review Criteria:

Mandatory:

• Strong DevSecOps profile
• Must have 5+ years of hands-on experience in Information Security, with a primary focus on cloud security across AWS, Azure, and GCP environments.
• Must have strong practical experience working with Cloud Security Posture Management (CSPM) tools such as Prisma Cloud, Wiz, or Orca along with SIEM / IDS / IPS platforms
• Must have proven experience in securing Kubernetes and containerized environments including image security,runtime protection, RBAC, and network policies.
• Must have hands-on experience integrating security within CI/CD pipelines using tools such as Snyk, GitHub Advanced Security,or equivalent security scanning solutions.
• Must have solid understanding of core security domains including network security, encryption, identity and access management key management, and security governance including cloud-native security services like GuardDuty, Azure Security Center etc
• Must have practical experience with Application Security Testing tools including SAST, DAST, and SCA in real production environments
• Must have hands-on experience with security monitoring, incident response, alert investigation, root-cause analysis (RCA), and managing VAPT / penetration testing activities
• Must have experience securing infrastructure-as-code and cloud deployments using Terraform, CloudFormation, ARM, Docker, and Kubernetes
• B2B SaaS Product companies
• Must have working knowledge of globally recognized security frameworks and standards such as ISO 27001, NIST, and CIS with exposure to SOC2, GDPR, or HIPAA compliance environments

Preferred:

• Experience with DevSecOps automation, security-as-code, and policy-as-code implementations
• Exposure to threat intelligence platforms, cloud security monitoring, and proactive threat detection methodologies, including EDR / DLP or vulnerability management tools
• Must demonstrate strong ownership mindset, proactive security-first thinking, and ability to communicate risks in clear business language

Roles & Responsibilities:

We are looking for a Senior Information Security Engineer who can help protect our cloud infrastructure, applications, and data while enabling teams to move fast and build securely.

This role sits deep within our engineering ecosystem. You’ll embed security into how we design, build, deploy, and operate systems—working closely with Cloud, Platform, and Application Engineering teams. You’ll balance proactive security design with hands-on incident response, and help shape a strong, security-first culture across the organization.

If you enjoy solving real-world security problems, working close to systems and code, and influencing how teams build securely at scale, this role is for you.

What You’ll Do-

Cloud & Infrastructure Security:

• Design, implement, and operate cloud-native security controls across AWS, Azure, GCP, and Oracle.
• Strengthen IAM, network security, and cloud posture using services like GuardDuty, Azure Security Center and others.
• Partner with platform teams to secure VPCs, security groups, and cloud access patterns.

Application & DevSecOps Security:

• Embed security into the SDLC through threat modeling, secure code reviews, and security-by-design practices.
• Integrate SAST, DAST, and SCA tools into CI/CD pipelines.
• Secure infrastructure-as-code and containerized workloads using Terraform, CloudFormation, ARM, Docker, and Kubernetes.

Security Monitoring & Incident Response:

• Monitor security alerts and investigate potential threats across cloud and application layers.
• Lead or support incident response efforts, root-cause analysis, and corrective actions.
• Plan and execute VAPT and penetration testing engagements (internal and external), track remediation, and validate fixes.
• Conduct red teaming activities and tabletop exercises to test detection, response readiness, and cross-team coordination.
• Continuously improve detection, response, and testing maturity.

Security Tools & Platforms:

• Manage and optimize security tooling including firewalls, SIEM, EDR, DLP, IDS/IPS, CSPM, and vulnerability management platforms.
• Ensure tools are well-integrated, actionable, and aligned with operational needs.

Compliance, Governance & Awareness:

• Support compliance with industry standards and frameworks such as SOC2, HIPAA, ISO 27001, NIST, CIS, and GDPR.
• Promote secure engineering practices through training, documentation, and ongoing awareness programs.
• Act as a trusted security advisor to engineering and product teams.

Continuous Improvement:

• Stay ahead of emerging threats, cloud vulnerabilities, and evolving security best practices.
• Continuously raise the bar on a company's security posture through automation and process improvement.

Endpoint Security (Secondary Scope):

• Provide guidance on endpoint security tooling such as SentinelOne and Microsoft Defender when required.

Ideal Candidate:

• Strong hands-on experience in cloud security across AWS and Azure.
• Practical exposure to CSPM tools (e.g., Prisma Cloud, Wiz, Orca) and SIEM / IDS / IPS platforms.
• Experience securing containerized and Kubernetes-based environments.
• Familiarity with CI/CD security integrations (e.g., Snyk, GitHub Advanced Security, or similar).
• Solid understanding of network security, encryption, identity, and access management.
• Experience with application security testing tools (SAST, DAST, SCA).
• Working knowledge of security frameworks and standards such as ISO 27001, NIST, and CIS.
• Strong analytical, troubleshooting, and problem-solving skills.

Nice to Have:

• Experience with DevSecOps automation and security-as-code practices.
• Exposure to threat intelligence and cloud security monitoring solutions.
• Familiarity with incident response frameworks and forensic analysis.
• Security certifications such as CISSP, CISM, CCSP, or CompTIA Security+.

Perks, Benefits and Work Culture:

A wholesome opportunity in a fast-paced environment that will enable you to juggle between concepts, yet maintain the quality of content, interact and share your ideas and have loads of learning while at work. Work with a team of highly talented young professionals and enjoy the comprehensive benefits that company offers.

we’d love to speak with you. Skills and Qualifications:

Strong experience with continuous integration/continuous deployment (CI/CD) pipeline tools such as Jenkins, TravisCI, or GitLab CI.

Proficiency in scripting languages such as Python, Bash, or Ruby.

Knowledge of infrastructure automation tools such as Ansible, Puppet, or Terraform.

Experience with cloud platforms such as AWS, Azure, or GCP.

Knowledge of container orchestration tools such as Docker, Kubernetes, or OpenShift.

Experience with version control systems such as Git.

Familiarity with Agile methodologies and practices.

Understanding of networking concepts and principles.

Knowledge of database technologies such as MySQL, MongoDB, or PostgreSQL.

Good understanding of security and data protection principles.

Roles and responsibilities:

● Building and setting up new development tools and infrastructure

● Working on ways to automate and improve development and release processes

● Deploy updates and fixes

● Helping to ensure information security best practices

● Provide Level 2 technical support

● Perform root cause analysis for production errors

● Investigate and resolve technical issues

Job Description – Senior .NET Developer (Angular/React)

Job Title: Senior .NET Developer (Angular/React)

Location: Hyderabad (Hybrid)

Job Summary: We are seeking a Senior .NET Developer with strong frontend expertise in Angular or React to join our dynamic team. The ideal candidate will have deep experience in .NET Core, C#, Web API, relational/non-relational databases, and cloud platforms (Azure/AWS) while also being skilled in modern frontend development. This role requires designing and developing scalable, high performance, and secure applications with a strong focus on frontend and backend integration.

Key Responsibilities:

 Develop, test, and maintain .NET Core applications and Web APIs.

 Build dynamic and responsive UI components using Angular or React.

 Ensure seamless frontend-backend integration with RESTful APIs.

 Design and implement scalable, secure, and high-performance applications.

 Work with relational (SQL Server, PostgreSQL, MySQL) and non-relational (MongoDB, DynamoDB) databases for efficient data management.

 Apply OOP principles, SOLID design, and software development best practices.

 Utilize Azure/AWS cloud services for deployment and management.  Ensure code quality through unit testing, debugging, and performance optimization.

 Implement and manage Git for version control.

 Collaborate with cross-functional teams to define, design, and deliver new features.

 Troubleshoot and resolve technical issues to maintain application stability.

Required Qualifications & Skills:

 4-8 years of hands-on experience in .NET development.

 Strong proficiency in .NET Core, C#, Web API.

 Must have experience with frontend technologies—Angular or React.  Solid understanding of RESTful services, microservices architecture, and SOA.

 Experience with relational and non-relational databases (SQL Server, PostgreSQL, MySQL, MongoDB, DynamoDB).

 Hands-on experience with cloud platforms (Azure/AWS) and DevOps practices.

 Strong debugging, problem-solving, and troubleshooting skills.

 Familiarity with CI/CD pipelines, Docker/Kubernetes is a plus.

 Bachelor's degree in computer science, Software Engineering, or a related field.

• Be a passionate advocate for customers and help ensure thorough and intuitive customer journeys.
• Targeting customers with better customer segmentation, hypotheses, testing with experiments, campaign analytics, communication process ,automation, and competitive benchmarking.
• Working closely with Product, Analytics, Business and Design teams
• Owning one or more key traffic channels for a category (Personal Loans,
• Home Loans, Health Insurance and Mutual Funds) and build the optimum funnel for the business.
• Conceptualize, design and execute initiatives through extensive experiments.
• Work on new product, features and scheme launches, and making the successful by targeting customers through various channels
• Analyse traffic patterns and optimize for seasonality, relevance, and selection
• Regularly develop, test and analyse new tactics that sell products across all categories and increase conversion rates, documenting the results and sharing best practices with the team
• Own projects with considerable scope and/or complexity with significant impact on customer experience

BASIC QUALIFICATIONS

• 1-3 years of experience in roles requiring high analytical skills
• Experience using data and metrics to measure impact and determine improvements
• Experience in making data-driven decisions, developing customer insights from data and creating strategies to improve conversion and sales.
• Understanding of product funnel and journeys.
• Excellent written and oral communication skills, with the ability to communicate effectively in reviews and meetings