Security Engineer

• We are built for scale.
• We are built for complexity.
• We are built for outcomes.

• A powerful Customer Data Platform (CDP)
• Real-time behavioral segmentation and intelligence
• Omnichannel journey orchestration
• AI-driven personalization and recommendations
• Deep analytics, experimentation, and revenue attribution
• WebEngage BLACK: our AI-native layer that brings Agentic capabilities to engagement.

Position Overview

Responsibilities:

• Conduct penetration tests using specialized tools to identify vulnerabilities and collaborate with Development or DevOps teams to plan and implement remediation strategies.
• Coordinate with external Vulnerability Assessment and Penetration Testing (VAPT) vendors for audits, serving as the liaison between the vendor and the engineering team.
• Partner with the DevOps team to perform cloud security audits and develop remediation plans.
• Respond to security questionnaires from customers or vendors and address security-related questions during virtual meetings.
• Lead security-related projects, providing regular progress updates and reports.
• Implement and configure tools to enhance security practices, including static code analysis and automated code audits.
• Manage the security calendar and execute activities such as:

1. Cloud Business Continuity Planning (BCP) and Disaster Recovery (DR) exercises in collaboration with the DevOps team.
2. Cryptographic audits (including encryption at rest and in transit) and key rotation processes with DevOps support.
3. Audits of automated code quality checks within CI/CD pipelines.
4. Reviews of standard operating procedures to ensure adherence and timely execution.

• Oversee the compliance calendar for standards such as ISO 27001, ISO 27701, SOC 2, and future certifications, including:

1. Coordinating with responsible teams to ensure all required activities are completed on schedule.
2. Responding to technical and process-related inquiries during audits alongside other team members.
3. Monitoring and ensuring employee security training and retraining programs are up to date.
4. Tracking and maintaining all security-related metrics.
5. Handling any additional audit-related tasks.

Required Qualifications:

• Strong understanding of SaaS applications and associated security challenges.
• Familiarity with one or more cloud platforms, such as AWS, GCP, or Azure.
• Knowledge of fundamental networking concepts, including OSI layers, TLS protocols, and cryptography.
• Proficiency in at least one scripting language (e.g., Python, Java, Node.js).
• Awareness of common security risks, including OWASP Top 10, CIS Benchmarks, and recent CVE vulnerabilities.
• Excellent verbal and written communication skills for interacting with internal and external stakeholders, as well as project reporting.
• Commitment to continuous learning and staying current with evolving security trends.

Preferred Skills and Knowledge

• Bachelor's degree in Engineering or equivalent in a related field, such as Computer Engineering, Electronics, or Telecommunications.
• 3 to 5 years of relevant experience in security, compliance, or a similar role.

• We take transparency very seriously. Along with a full view of team goals, get a top-level view across the board with our monthly & quarterly town hall meetings.
• A highly inclusive work culture that promotes a relaxed, creative and productive environment.
• Practice autonomy, open communication, and growth opportunities, while maintaining a perfect work-life balance