11+ SCA Jobs in Bangalore (Bengaluru) | SCA Job openings in Bangalore (Bengaluru)

SENIOR INFORMATION SECURITY ENGINEER (DEVSECOPS)

Key Skills: Software Development Life Cycle (SDLC), CI/CD

About Company: Consumer Internet / E-Commerce

Company Size: Mid-Sized

Experience Required: 6 - 10 years

Working Days: 5 days/week

Office Location: Bengaluru [Karnataka]

Review Criteria:

Mandatory:

• Strong DevSecOps profile
• Must have 5+ years of hands-on experience in Information Security, with a primary focus on cloud security across AWS, Azure, and GCP environments.
• Must have strong practical experience working with Cloud Security Posture Management (CSPM) tools such as Prisma Cloud, Wiz, or Orca along with SIEM / IDS / IPS platforms
• Must have proven experience in securing Kubernetes and containerized environments including image security,runtime protection, RBAC, and network policies.
• Must have hands-on experience integrating security within CI/CD pipelines using tools such as Snyk, GitHub Advanced Security,or equivalent security scanning solutions.
• Must have solid understanding of core security domains including network security, encryption, identity and access management key management, and security governance including cloud-native security services like GuardDuty, Azure Security Center etc
• Must have practical experience with Application Security Testing tools including SAST, DAST, and SCA in real production environments
• Must have hands-on experience with security monitoring, incident response, alert investigation, root-cause analysis (RCA), and managing VAPT / penetration testing activities
• Must have experience securing infrastructure-as-code and cloud deployments using Terraform, CloudFormation, ARM, Docker, and Kubernetes
• B2B SaaS Product companies
• Must have working knowledge of globally recognized security frameworks and standards such as ISO 27001, NIST, and CIS with exposure to SOC2, GDPR, or HIPAA compliance environments

Preferred:

• Experience with DevSecOps automation, security-as-code, and policy-as-code implementations
• Exposure to threat intelligence platforms, cloud security monitoring, and proactive threat detection methodologies, including EDR / DLP or vulnerability management tools
• Must demonstrate strong ownership mindset, proactive security-first thinking, and ability to communicate risks in clear business language

Roles & Responsibilities:

We are looking for a Senior Information Security Engineer who can help protect our cloud infrastructure, applications, and data while enabling teams to move fast and build securely.

This role sits deep within our engineering ecosystem. You’ll embed security into how we design, build, deploy, and operate systems—working closely with Cloud, Platform, and Application Engineering teams. You’ll balance proactive security design with hands-on incident response, and help shape a strong, security-first culture across the organization.

If you enjoy solving real-world security problems, working close to systems and code, and influencing how teams build securely at scale, this role is for you.

What You’ll Do-

Cloud & Infrastructure Security:

• Design, implement, and operate cloud-native security controls across AWS, Azure, GCP, and Oracle.
• Strengthen IAM, network security, and cloud posture using services like GuardDuty, Azure Security Center and others.
• Partner with platform teams to secure VPCs, security groups, and cloud access patterns.

Application & DevSecOps Security:

• Embed security into the SDLC through threat modeling, secure code reviews, and security-by-design practices.
• Integrate SAST, DAST, and SCA tools into CI/CD pipelines.
• Secure infrastructure-as-code and containerized workloads using Terraform, CloudFormation, ARM, Docker, and Kubernetes.

Security Monitoring & Incident Response:

• Monitor security alerts and investigate potential threats across cloud and application layers.
• Lead or support incident response efforts, root-cause analysis, and corrective actions.
• Plan and execute VAPT and penetration testing engagements (internal and external), track remediation, and validate fixes.
• Conduct red teaming activities and tabletop exercises to test detection, response readiness, and cross-team coordination.
• Continuously improve detection, response, and testing maturity.

Security Tools & Platforms:

• Manage and optimize security tooling including firewalls, SIEM, EDR, DLP, IDS/IPS, CSPM, and vulnerability management platforms.
• Ensure tools are well-integrated, actionable, and aligned with operational needs.

Compliance, Governance & Awareness:

• Support compliance with industry standards and frameworks such as SOC2, HIPAA, ISO 27001, NIST, CIS, and GDPR.
• Promote secure engineering practices through training, documentation, and ongoing awareness programs.
• Act as a trusted security advisor to engineering and product teams.

Continuous Improvement:

• Stay ahead of emerging threats, cloud vulnerabilities, and evolving security best practices.
• Continuously raise the bar on a company's security posture through automation and process improvement.

Endpoint Security (Secondary Scope):

• Provide guidance on endpoint security tooling such as SentinelOne and Microsoft Defender when required.

Ideal Candidate:

• Strong hands-on experience in cloud security across AWS and Azure.
• Practical exposure to CSPM tools (e.g., Prisma Cloud, Wiz, Orca) and SIEM / IDS / IPS platforms.
• Experience securing containerized and Kubernetes-based environments.
• Familiarity with CI/CD security integrations (e.g., Snyk, GitHub Advanced Security, or similar).
• Solid understanding of network security, encryption, identity, and access management.
• Experience with application security testing tools (SAST, DAST, SCA).
• Working knowledge of security frameworks and standards such as ISO 27001, NIST, and CIS.
• Strong analytical, troubleshooting, and problem-solving skills.

Nice to Have:

• Experience with DevSecOps automation and security-as-code practices.
• Exposure to threat intelligence and cloud security monitoring solutions.
• Familiarity with incident response frameworks and forensic analysis.
• Security certifications such as CISSP, CISM, CCSP, or CompTIA Security+.

Perks, Benefits and Work Culture:

A wholesome opportunity in a fast-paced environment that will enable you to juggle between concepts, yet maintain the quality of content, interact and share your ideas and have loads of learning while at work. Work with a team of highly talented young professionals and enjoy the comprehensive benefits that company offers.

Responsibilities: 

• Develop and maintain high-quality, efficient, and scalable backend applications. 
• Participate in all phases of the software development lifecycle (SDLC) 
• Write clean, well-documented, and testable code adhering to best practices. 
• Collaborate with team members to ensure the successful delivery of projects. 
• Debug and troubleshoot complex technical problems. 
• Identify and implement performance optimizations. 
• Participate in code reviews 
• Hands-on experience with Springboot, Java 8 and above. 
• 2-5 years of experience developing Java applications. 
• Knowledge about at least one messaging system like Kafka, RabbitMQ etc. 
• Required React developer requirements, qualifications & skills: 
• Proficiency in React.js and its core principles 
• Strong JavaScript, HTML5, and CSS3 skills 
• Experience with popular React.js workflows (such as Redux) 
• Strong understanding of object-oriented programming (OOP) principles. 
• Experience with design patterns and best practices for Java development. 
• Proficient in unit testing frameworks (e.g., JUnit). 
• Experience with build automation tools (e.g., Maven, Gradle). 
• Experience with version control systems (e.g., Git). 
• Experience with one of these databases – Postgres, MongoDb, Cassandra 
• Knowledge on Retail or OMS is a plus. 
• Experienced in containerized deployments using Docker, Kubernetes and DevOps mindset 
• Ability to reverse engineer existing/legacy and document findings on confluence. 
• Create automated tests for unit, integration, regression, performance, and functional testing, to meet established expectations and acceptance criteria. 
• Document APIs using Lowe’s established tooling. 

Sap Abap on Hana:

Summary:

As an Application Developer, you will design, build, and configure applications to meet business process and application requirements. A typical day involves collaborating with team members to understand project needs, developing application features, and ensuring that the solutions align with business objectives. You will also engage in testing and troubleshooting to enhance application performance and user experience, while continuously seeking opportunities for improvement and innovation in application development processes. 

Roles & Responsibilities:

• Expected to perform independently and become an SME.
• Required active participation/contribution in team discussions.
• Contribute in providing solutions to work related problems.- Assist in the documentation of application specifications and user guides.
• Engage in code reviews to ensure quality and adherence to best practices.

Professional & Technical Skills:

Must To Have Skills: Proficiency in SAP ABAP Development for HANA.

Good To Have Skills:

• Experience with SAP Fiori and SAP UI5.
• Strong understanding of object-oriented programming principles.
• Experience with database management and SQL.- Familiarity with Agile development methodologies. 

Additional Information: The candidate should have minimum 5 years of experience in SAP ABAP Development for HANA

What you'll do:

• Partner closely with Product Design, Engineering, and Product Management to understand requirements and deliver product features and roadmap as envisioned by stakeholders.
• Own end-to-end user journey and all aspects of design execution from ideation, to prototyping, to user acceptance testing of product design tasks assigned.
• Conduct user interviews, user testing sessions, card sorting, affinity mapping, conduct both qualitative and quantitative tests, and analyze the data.
• Design high-impact, functional responsive interfaces for web and mobile
• Collaborate with other designers and participate in our design critique process, to receive and provide feedback on design work
• Manage and contribute to Kaizen - Beaconstac's Design System

Skills you bring to the table:

• Experience in designing SaaS products with large customer bases
• Deep expertise using Figma/Xd/Sketch, and familiarity with design systems
• Knowledge of Carbon - IBM's Design system or experience building a design system from scratch is a plus.
• Fundamental understanding of the end-to-end iterative UX design process — research, ideation, information architecture, prototyping, validation, and refining solutions into pixel-perfect deliverables.
• Ability to articulate design decisions throughout the user-centered design process.
• Ability to update and engage with stakeholders like product managers and engineers.
• Relevant fundamental knowledge of front-end technologies to collaborate with UI engineering teams will be an advantage.

What does the core role include?

• Designing and developing high-volume, low-latency applications for mission-critical systems and delivering high-availability and performance
• Designing stateless components in React Native
• Contributing in all phases of the development lifecycle
• Working with the developers to create and maintain a robust framework to support the apps
• Working with the developers to build the interface with a focus on usability features
• 
  

What else can you expect in the role?

• Prepare and produce releases of software components
• Optimizing performance for the apps
• Problem-solving skills, analytical mind, and positive attitude
• Ability to think from end users perspective and focused on improving the overall product experience.
• Deliver across the entire app life cycle concept, design, build, deploy, test, release to app stores and support
• 
  

What can fetch you brownie points?

• Hands on experience with React Native is required
• Hands-on experience in React Native APIs, ReactJS, Javascript, ECMAScript (OOJS) and JSX.
• Strong understanding of JavaScript ecosystem
• Hands on experience on Android in creating Hybrid / Native applications
• Demonstrable UI/UX experience on a large-scale app.
• Thorough understanding of React Native development tools like IDEs (Nuclide, Atom, Sublime Text, or Visual
• Good knowledge of JS frameworks like ReactJS is a plus.

Desired Skills and Experience

Hybrid Apps,React Native, Native iOS and Android Architecture understanding

Key Responsibilities

• Design and Build complicated Workflow
• Understanding the user persona and deliver slick experience
• Experience in JavaScript (ReactJS / Redux) React Native, HTML, CSS, JQuery, HTTP
• Strong understating of XML, JSON, DOM, and w3c standards
• Providing technical expertise for every phase of the project lifecycle; from concept development to solution design, implementation, optimization and support
• Be an Interface with Stockholder sand architects to create technology specifications from business requirements for one or more modules within the project
• Responsible to prepare the technical design of the components within the module (one or more of client/web presentation tier, server tier, data access and data model, integration component, package function customization)
• Proficient in articulating the pros and cons of using a certain technology stack or component or design pattern versus another to the clients and project team and drives selection of technologies, designs to come up with the optimal architecture
• Drives the performance tuning, re-design and re-factoring for a module
• Contributes to designing and implementing the build, release process as well as system configuration and deployment characteristics of the application
• Implements (hands-on) the module components based on prevailing Framework and Open-source standards & its best practices.
• Mentors the team (people working on the module and other project team members) on technology concepts and best practices for design, implementation and other processes

Qualification & Experience

• Automate and maintain ML and Data pipelines at scale
• Collaborate with Data Scientists and Data Engineers on feature development teams to containerize and build out deployment pipelines for new modules
• Maintain and expand our on-prem deployments with spark clusters
• Design, build and optimize applications containerization and orchestration with Docker and Kubernetes and AWS or Azure

• 5 years of IT experience in data-driven or AI technology products
• Understanding of ML Model Deployment and Lifecycle
• Extensive experience in Apache airflow for MLOps workflow automation
• Experience is building and automating data pipelines
• Experience in working on Spark Cluster architecture
• Extensive experience with Unix/Linux environments
• Experience with standard concepts and technologies used in CI/CD build, deployment pipelines using Jenkins
• Strong experience in Python and PySpark and building required automation (using standard technologies such as Docker, Jenkins, and Ansible).
• Experience with Kubernetes or Docker Swarm
• Working technical knowledge of current systems software, protocols, and standards, including firewalls, Active Directory, etc.
• Basic knowledge of Multi-tier architectures: load balancers, caching, web servers, application servers, and databases.
• Experience with various virtualization technologies and multi-tenant, private and hybrid cloud environments.
• Hands-on software and hardware troubleshooting experience.
• Experience documenting and maintaining configuration and process information.
• Basic Knowledge of machine learning frameworks: Tensorflow, Caffe/Caffe2, Pytorch