Staff Infosec Engineer
Gap
IT
Hyderabad, Telangana, India
Posted on Apr 21, 2025
About the Role
In this role, you will design, develop, and implement comprehensive data security solutions to protect our company's sensitive information. You will focus on areas such as Cloud Security, Infrastructure Security, Product Security, Defensive Engineering, and Identity and Access Management to ensure robust data protection across all platforms.What You'll Do
- Implement and manage data security solutions, including but not limited to Cloud Security, Infrastructure Security, Product Security, Defensive Engineering, and Identity and Access Management.
- Demonstrate proficient knowledge of infrastructure standard security practices, concepts, and technologies relevant to the role.
- Manage technical requirements analysis and draft technical design specifications based on interpretation of functional requirements gathered through working with business and project teams.
- Maintain an enterprise-wide identity and access management infrastructure.
- Implement security controls governing CI/CD pipelines and provide technical advisory support across a rapidly modernizing and dynamic hybrid multi-cloud, on-prem, and retail chain environment.
- Ensure governance and compliance with legal and regulatory requirements while maintaining company Information Security policies, standards, and industry best practices.
- Drive automation of cloud security processes.
- Mentor junior Security Engineers towards achieving command of the skills necessary to perform all work-related tasks.
- Perform regular security assessments and audits to ensure compliance with security policies and standards.
- Investigate and respond to security incidents, providing detailed reports and recommendations.
- Collaborate with development and IT teams to ensure secure coding practices and system configurations.
- Maintain and update security documentation, including policies, procedures, and guidelines.
- Stay informed about the latest security threats and technologies to proactively address potential risks.
- Utilize Microsoft Purview to manage and monitor data security, ensuring protection across clouds, apps, and devices.
- Implement popular Data Security Posture Management (DSPM) solutions such as Varonis, Cyera, and Sentra to enhance data security posture management.
- Apply AI/ML training to enhance cybersecurity defenses and automate security processes.
- Integrate employee productivity AI assistants to streamline tasks and improve efficiency.
Who You Are
Who you are:
- Demonstrate knowledge of infrastructure standard security practices, concepts, and technologies relevant to the specific role.
- Demonstrate proficiency in specific security technologies, applications, standards, and methodologies.
- Strong Java/J2EE development experience; strong scripting skills.
- Experience in pipeline security, CI/CD authoring, configuration management scripts, and deployment tools.
- Ability to assess relatively complex situations and analyze data to make judgments and recommend solutions.
- Understanding of concepts and procedures specific to Information Security Engineering practices.
- Knowledge of data protection technologies such as encryption, tokenization, and DLP.
- Familiarity with security frameworks and standards such as NIST, ISO 27001, and GDPR.
- Strong analytical and problem-solving skills.
- Good communication and teamwork abilities.
Preferred Qualifications:
- Bachelor s degree in related filed, to include computer science, or equivalent combination of education and experience
- 10+ years of experience in Data Security, cybersecurity, or a related field
- Relevant certifications such as CEH, CompTIA Security+, or GIAC.
- Experience with security tools and platforms such as SIEM, IDS/IPS, and firewalls.
- Knowledge of cloud security and DevSecOps practices.