3+ RCA Jobs in Bangalore (Bengaluru) | RCA Job openings in Bangalore (Bengaluru)

SENIOR INFORMATION SECURITY ENGINEER (DEVSECOPS)

Key Skills: Software Development Life Cycle (SDLC), CI/CD

About Company: Consumer Internet / E-Commerce

Company Size: Mid-Sized

Experience Required: 6 - 10 years

Working Days: 5 days/week

Office Location: Bengaluru [Karnataka]

Review Criteria:

Mandatory:

• Strong DevSecOps profile
• Must have 5+ years of hands-on experience in Information Security, with a primary focus on cloud security across AWS, Azure, and GCP environments.
• Must have strong practical experience working with Cloud Security Posture Management (CSPM) tools such as Prisma Cloud, Wiz, or Orca along with SIEM / IDS / IPS platforms
• Must have proven experience in securing Kubernetes and containerized environments including image security,runtime protection, RBAC, and network policies.
• Must have hands-on experience integrating security within CI/CD pipelines using tools such as Snyk, GitHub Advanced Security,or equivalent security scanning solutions.
• Must have solid understanding of core security domains including network security, encryption, identity and access management key management, and security governance including cloud-native security services like GuardDuty, Azure Security Center etc
• Must have practical experience with Application Security Testing tools including SAST, DAST, and SCA in real production environments
• Must have hands-on experience with security monitoring, incident response, alert investigation, root-cause analysis (RCA), and managing VAPT / penetration testing activities
• Must have experience securing infrastructure-as-code and cloud deployments using Terraform, CloudFormation, ARM, Docker, and Kubernetes
• B2B SaaS Product companies
• Must have working knowledge of globally recognized security frameworks and standards such as ISO 27001, NIST, and CIS with exposure to SOC2, GDPR, or HIPAA compliance environments

Preferred:

• Experience with DevSecOps automation, security-as-code, and policy-as-code implementations
• Exposure to threat intelligence platforms, cloud security monitoring, and proactive threat detection methodologies, including EDR / DLP or vulnerability management tools
• Must demonstrate strong ownership mindset, proactive security-first thinking, and ability to communicate risks in clear business language

Roles & Responsibilities:

We are looking for a Senior Information Security Engineer who can help protect our cloud infrastructure, applications, and data while enabling teams to move fast and build securely.

This role sits deep within our engineering ecosystem. You’ll embed security into how we design, build, deploy, and operate systems—working closely with Cloud, Platform, and Application Engineering teams. You’ll balance proactive security design with hands-on incident response, and help shape a strong, security-first culture across the organization.

If you enjoy solving real-world security problems, working close to systems and code, and influencing how teams build securely at scale, this role is for you.

What You’ll Do-

Cloud & Infrastructure Security:

• Design, implement, and operate cloud-native security controls across AWS, Azure, GCP, and Oracle.
• Strengthen IAM, network security, and cloud posture using services like GuardDuty, Azure Security Center and others.
• Partner with platform teams to secure VPCs, security groups, and cloud access patterns.

Application & DevSecOps Security:

• Embed security into the SDLC through threat modeling, secure code reviews, and security-by-design practices.
• Integrate SAST, DAST, and SCA tools into CI/CD pipelines.
• Secure infrastructure-as-code and containerized workloads using Terraform, CloudFormation, ARM, Docker, and Kubernetes.

Security Monitoring & Incident Response:

• Monitor security alerts and investigate potential threats across cloud and application layers.
• Lead or support incident response efforts, root-cause analysis, and corrective actions.
• Plan and execute VAPT and penetration testing engagements (internal and external), track remediation, and validate fixes.
• Conduct red teaming activities and tabletop exercises to test detection, response readiness, and cross-team coordination.
• Continuously improve detection, response, and testing maturity.

Security Tools & Platforms:

• Manage and optimize security tooling including firewalls, SIEM, EDR, DLP, IDS/IPS, CSPM, and vulnerability management platforms.
• Ensure tools are well-integrated, actionable, and aligned with operational needs.

Compliance, Governance & Awareness:

• Support compliance with industry standards and frameworks such as SOC2, HIPAA, ISO 27001, NIST, CIS, and GDPR.
• Promote secure engineering practices through training, documentation, and ongoing awareness programs.
• Act as a trusted security advisor to engineering and product teams.

Continuous Improvement:

• Stay ahead of emerging threats, cloud vulnerabilities, and evolving security best practices.
• Continuously raise the bar on a company's security posture through automation and process improvement.

Endpoint Security (Secondary Scope):

• Provide guidance on endpoint security tooling such as SentinelOne and Microsoft Defender when required.

Ideal Candidate:

• Strong hands-on experience in cloud security across AWS and Azure.
• Practical exposure to CSPM tools (e.g., Prisma Cloud, Wiz, Orca) and SIEM / IDS / IPS platforms.
• Experience securing containerized and Kubernetes-based environments.
• Familiarity with CI/CD security integrations (e.g., Snyk, GitHub Advanced Security, or similar).
• Solid understanding of network security, encryption, identity, and access management.
• Experience with application security testing tools (SAST, DAST, SCA).
• Working knowledge of security frameworks and standards such as ISO 27001, NIST, and CIS.
• Strong analytical, troubleshooting, and problem-solving skills.

Nice to Have:

• Experience with DevSecOps automation and security-as-code practices.
• Exposure to threat intelligence and cloud security monitoring solutions.
• Familiarity with incident response frameworks and forensic analysis.
• Security certifications such as CISSP, CISM, CCSP, or CompTIA Security+.

Perks, Benefits and Work Culture:

A wholesome opportunity in a fast-paced environment that will enable you to juggle between concepts, yet maintain the quality of content, interact and share your ideas and have loads of learning while at work. Work with a team of highly talented young professionals and enjoy the comprehensive benefits that company offers.

Review Criteria

• Strong Oracle Integration Cloud (OIC) Implementation profile
• 5+ years in enterprise integration / middleware roles, with minimum 3+ years of hands-on Oracle Integration Cloud (OIC) implementation experience
• Strong experience designing and delivering integrations using OIC Integrations, Adapters (File, FTP, DB, SOAP/REST, Oracle ERP), Orchestrations, Mappings, Process Automation, Visual Builder (VBCS), and OIC Insight/Monitoring
• Proven experience building integrations across Oracle Fusion/ERP/HCM, Salesforce, on-prem systems (AS/400, JDE), APIs, file feeds (FBDI/HDL), databases, and third-party SaaS.
• Strong expertise in REST/JSON, SOAP/XML, WSDL, XSD, XPath, XSLT, JSON Schema, and web-service–based integrations
• Good working knowledge of OCI components (API Gateway, Vault, Autonomous DB) and hybrid integration patterns
• Strong SQL & PL/SQL skills for debugging, data manipulation, and integration troubleshooting
• Hands-on experience owning end-to-end integration delivery including architecture reviews, deployments, versioning, CI/CD of OIC artifacts, automated testing, environment migrations (Dev→Test→Prod), integration governance, reusable patterns, error-handling frameworks, and observability using OIC/OCI monitoring & logging tools
• Experience providing technical leadership, reviewing integration designs/code, and mentoring integration developers; must be comfortable driving RCA, performance tuning, and production issue resolution
• Strong stakeholder management, communication (written + verbal), problem-solving, and ability to collaborate with business/product/architect teams

Preferred

• Preferred (Certification) – Oracle OIC or Oracle Cloud certification
• Preferred (Domain Exposure) – Experience with Oracle Fusion functional modules (Finance, SCM, HCM), business events/REST APIs, SOA/OSB background, or multi-tenant/API-governed integration environments

Job Specific Criteria

• CV Attachment is mandatory
• How many years of experience you have with Oracle Integration Cloud (OIC)?
• Which is your preferred job location (Mumbai / Bengaluru / Hyderabad / Gurgaon)?
• Are you okay with 3 Days WFO?
• Virtual Interview requires video to be on, are you okay with it?

Role & Responsibilities

Company is seeking an experienced OIC Lead to own the design, development and deployment of enterprise integrations. The ideal candidate will have atleast 6+years of prior experience in various integration technologies, with a good experience implementing OIC integration capabilities. This role offers an exciting opportunity to work on diverse projects, collaborating with cross-functional teams to design, build, and optimize data pipelines and infrastructure.

Responsibilities:

• Lead the design and delivery of integration solutions using Oracle Integration Cloud (Integration, Process Automation, Visual Builder, Insight) and related Oracle PaaS components.
• Build and maintain integrations between Oracle Fusion/ERP/HCM, Salesforce, on-prem applications (e.g., AS/400, JDE), APIs, file feeds (FBDI/HDL), databases and third-party SaaS.
• Own end-to-end integration delivery - from architecture/design reviews through deployment, monitoring, and post-production support.
• Create reusable integration patterns, error-handling frameworks, security patterns (OAuth2, client credentials), and governance for APIs and integrations.
• Own CI/CD, versioning and migration of OIC artifacts across environments (Dev → Test → Prod); implement automated tests and promotion pipelines.
• Define integration architecture standards and reference patterns for hybrid (cloud/on-prem) deployments.
• Ensure security, scalability, and fault tolerance are built into all integration designs.
• Drive performance tuning, monitoring and incident response for integrations; implement observability using OIC/OCI monitoring and logging tools.
• Provide technical leadership and mentorship to a team of integration developers; review designs and code; run hands-on troubleshooting and production support rotations.
• Work with business stakeholders, product owners and solution architects to translate requirements into integration designs, data mappings and runbooks

Ideal Candidate

• 5+ years in integration/enterprise middleware roles with at least 3+ years hands-on OIC (Oracle Integration Cloud) implementations.
• Strong experience with OIC components: Integrations, Adapters (File, FTP, Database, SOAP, REST, Oracle ERP), Orchestrations/Maps, OIC Insight/Monitoring, Visual Builder (VBCS) or similar
• Expert in web services and message formats: REST/JSON, SOAP/XML, WSDL, XSD, XPath, XSLT, JSON Schema
• Good knowledge of Oracle Cloud stack / OCI (API Gateway, Vault, Autonomous DB) and on-prem integration patterns
• SQL & PL/SQL skills for data manipulation and troubleshooting; exposure to FBDI/HDL (for bulk loads) is desirable
• Strong problem-solving, stakeholder management, written/verbal communication and team mentoring experience

Nice-to-have / Preferred:

• Oracle OIC certification(s) or Oracle Cloud certifications
• Exposure to OCI services (API Gateway, Vault, Monitoring) and Autonomous Database
• Experience with Oracle Fusion functional areas (Finance, Supply Chain, HCM) and business events/REST APIs preferred.
• Background with SOA Suite/Oracle Service Bus (useful if migrating legacy SOA to OIC)
• Experience designing multi-tenant integrations, rate limiting/throttling and API monetization strategies.

In-depth knowledge in Healthcare and BPaaS domain, Good understanding in Delivery Excellence Framework, Expertise in business and IT processes, platforms, operations, controls and dependencies Secondary Skills: Intermediate to Expert proficiency in conducting audits & assessments in BPaaS domain areas, Proficiency in building, monitoring and testing controls for BPaaS

• Provide facilitation to ensure noiseless delivery and enable best practices adoption & evangelization through appropriate processes and platforms
• Solution consultant for projects to adopt right tools and measure to ensure product & service quality in the appropriate service lines
• Ensure effective governance of projects and deliverables
• Proactive risk management and mitigation, build known risks database to identify and mitigate risks proactively and establish oversight to monitor quality, targets and spending on implementation plan
• Enabling and co-working with the accounts / projects in compliance of regulatory requirements, other certification requirements of the Organization and the Customers for BPaaS domain. Support closure of external/internal audit findings, RCA/CAPA/FMEA for escalations
• Establish Integrated Risk and Delivery Governance models, and oversight to monitor quality, targets, overrun and penalty
• Build process mapping for BPaaS describing the high level activities across Product Service Lines establish ETVX, role definition, gating criteria, SLAs, OLAs and RACI
• Design and ensure operational and compliance controls are implemented, tested and monitored
• Build core competency to carry out DEx BPaaS audits and assessments