Senior Information Security Engineer

Job Role: Senior Information Security Engineer

Job Location: Bangalore / Chennai

Experience: 8+ Years

Job Roles & Responsibilities:

• Conduct vulnerability assessments and policy compliance checks using industry-leading tools such as Qualys across on-prem, cloud, containers (Docker, Kubernetes), databases, and web services.
• Validate false positives , ensure accuracy of findings , and deliver high-quality reports to stakeholders.
• Serve as a technical subject matter expert (SME) to interpret vulnerability results and detection logic.
• Provide remediation guidance and security consulting support to infrastructure and application support teams.
• Analyze findings to identify root causes and provide recommendations for long-term, sustainable improvements .
• Build and maintain a technical knowledge base to ensure continuous quality in vulnerability management (VM) practices.
• Conduct research on emerging threats and vulnerabilities and track developments in the vulnerability management lifecycle.
• Ensure adherence to security policies, guidelines, and compliance standards ; assist in aligning teams across the organization.
• Propose and implement service improvements based on stakeholder feedback and evolving security landscapes.
• Lead and mentor junior team members , acting as line manager when necessary, and provide direction in day-to-day operations.
• Create and maintain comprehensive documentation including SOPs, technical reports, risk assessments , and compliance evidence.

Job Skills & Requirements:

Education:

• Bachelor's Degree in Engineering, Computer Science, Information Technology, or related discipline.
• Professional certifications such as CISSP , CISA , CISM , CRISC , CCNA/CCNP Security , or CCIE Security are highly desirable.

Experience:

• Minimum 8 years of experience in Information Security, ideally within the Banking and Financial Services industry.
• Strong background in risk and threat assessments , vulnerability management , and security operations .

Technical Skills:

• Extensive experience with vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7).
• Proficient in handling cloud technologies , and network security components such as firewalls, routers, switches, proxies , and load balancers .
• Deep understanding of container security (Docker/Kubernetes), cloud security (AWS, Azure, GCP), and web application security .
• Familiarity with information security frameworks (e.g., NIST, ISO 27001) and regulatory requirements.
• Experience leading and managing security projects and teams , including mentoring and technical leadership.
• Strong troubleshooting, problem-solving , and communication skills (both written and verbal).