Information Security Engineering Specialist

Full time

Information Security Engineering Specialist

India, Pune

12 days ago

IT&S

Apply

Facebook
Linkedin
Twitter
Instagram
Email
Copy Link

Full time

RQ105549

Information Security Engineering Specialist

India, Pune

Save job icon

Save Job

You have successfully copied the job URL to clipboard!

Job category

IT&S

Experience level

Intermediate

Relocation available

This role is eligible for relocation within country

Job type

Professionals

Travel required

Up to 10% travel should be expected with this role

Job code

RQ105549

Job category

IT&S

Job type

Professionals

Experience level

Intermediate

Travel required

Up to 10% travel should be expected with this role

Relocation available

This role is eligible for relocation within country

Job code

RQ105549

Job Description

You will work with

This team safeguards the company's digital assets and ensuring robust cyber resilience. They cover various aspects of cybersecurity, including threat and exposure management, security engineering, cyber incident response, security Dev Ops, and insider threat. Each team has specific responsibilities and areas of focus, collaborating closely with other digital security teams and business units to ensure a cohesive approach to cybersecurity.

Let Me Tell You About

The Role

We are looking for an innovative  Information Security Engineering Specialist  to define, implement, govern, and strengthen our global container environment security across our multi-cloud platform, supporting critical business operations. In this role, you will focus on Container Security with a deep technical background in cloud-native ecosystems to govern and drive the protection of our containerized environments.

The ideal candidate brings a hands-on technical expertise for securing the container lifecycle - build, ship, and run - and will partner with the platform engineering, Secure Dev Ops, Application Security and SRE teams to design and implement secure and automated controls that continuously reduce the risk without slowing down delivery. You will ensure compliance with industry regulations, safeguard critical data, and enable secure integration across diverse business environments.

What You Will Deliver

Container Security Advisory & Strategy – Act as the Container Security Specialist, supporting Dev Ops and platform teams on secure-by-design principles. Align container security strategy with the global business goals and regulatory requirements.
Policy, Standards & Governance – Improve the global container security standards, baseline, and Policy-as-code tailored for Oil & Gas, covering critical infrastructure protection aligned with NIST SP 800-190, and other security principles. Implement and improve governance for sophisticated containerized environments supporting global operations. Conduct detailed security assessments and reviews of critical containerized infrastructure.
Engineering & Architecture – Build and implement security policies for Kubernetes (K8s) clusters, including RBAC, Network Policies, and Pod Security Standards. Review CI/CD pipelines for vulnerabilities in container images and third-party libraries. Handle runtime container security tools to detect and intercept anomalous behavior. Implement and enforce compliance to ensure 'Secure by Build' environment.
Collaboration & Relationships – Build positive relationships across business units and technology ecosystems.
Safety & Compliance – Champion operational safety and digital security by ensuring container security policies reinforce compliance.

What you will need to be successful (experience and qualifications)

9+ years of cyber security experience, including 5+ years of experience in leading a container security engineering.
Extensive experience on one of the following areas:
Container Security, image scanning, SBOM, dependency control, runtime security, eBPF tools, Cloud Security (AWS and Azure), etc.
Deep experience in crafting container security solutions for reliable and scalable infrastructure, cloud and data products in sophisticated environments.

Experience with automation and scripting for security tasks (e.g., IaC, CI/CD integration) and security tooling (e.g., CNAPP such as Prisma Cloud, Aqua, Wiz, and others).
Deep…