Senior Engineer - Infra, Compliance & Security

We’re looking for a Senior Engineer with strong security experience (Data Privacy & Compliance) with strong experience in Python, Terraform, and AWS.

You’ll play a key role in designing and maintaining secure and compliant infrastructure, automating compliance controls, and ensuring our systems meet global data privacy and security standards such as SOC 2, GDPR, and ISO 27001 etc.

While your core focus will be on infrastructure security, compliance automation, and AWS, you may be required to develop other technology based modules such as Python, Ruby on Rails, internal documentation, or broader DevSecOps initiatives.

Responsibilities:

- Architect security and data privacy solutions, setup infrastructure, develop common capabilities, document uptake recipes and enable other developers uptake.

- Observe and monitor IT security and improve security operations on on-going basis in collaboration with the rest of the security and IT operations team.

-Implement security guardrails and baselines using Terraform and AWS native controls (Config, IAM, KMS, CloudTrail, Security Hub).

- Develop and maintain Python-based automation for compliance validation, audit data collection, and remediation workflows.

- Contribute to secure CI/CD, BAU practices and integrate policy-as-code.

- Map and operationalize controls for GDPR, SOC 2, ISO 27001, PCI DSS, etc.

- Apply privacy-by-design principles for data storage, access control, and retention.

- work with third parties, standards and compliance bodies to achieve industry certifications and maintain/improve the companies certification and compliance levels.

- Occasionally support Python and Rails applications by advising on secure configurations and dependencies.

- Help maintain documentation of security architecture, risk assessments, and compliance procedures.

- Partner with DevOps and Engineering teams to embed security and compliance early in design.

Requirements

- Proficient in Python for automation, scripting, and AWS SDK (boto3) integrations.

- Strong experience with Terraform and infrastructure-as-code best practices.

- Deep understanding of general cloud security and AWS security services (IAM, KMS,

- CloudTrail, Config, Security Hub, GuardDuty).

- Solid understanding of network security, identity management, and data protection.

- Experience in regulated or audit-driven environments (finance, SaaS etc.).

- Experience implementing security monitoring, incident response automation, or

- Awareness of data privacy and compliance frameworks (GDPR, SOC 2, ISO 27001).

- Interest in compliance-as-code, privacy-by-design, or DevSecOps pipelines.

- Strong communication, team mentoring, process management, documentation and

- Prior experience working in compliance-sensitive or regulated environments (finance, SaaS, healthcare).

- Exposure to Zero Trust architecture concepts and identity-based access design.

- Knowledge of policy-as-code or security automation (OPA, Checkov, tfsec, Sentinel).

- Familiarity with Web apps, including Rails application security (headers, CSRF, secrets management).

Benefits

Provident Fund, Medical Inpatient Facility, Medical Outpatient Facility, Paid Overtime, In-house Subsidized Lunch & Dinner, Gym Facility, Entertaining Activities, Interest Free Loan Facility, Advance Salaries and Sports Allowance.