Principal Security Engineer

External

Reputation · Hyderabad, India

Full-timeOn-siteToday

AnsibleAWSAzureBashCI/CDCloud Security

Cover Letter Connect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

About the role

We are seeking an accomplished Senior or Principal level DevSec Engineer to strengthen and advance our cloud security and DevSecOps posture. The ideal candidate will possess a deep understanding of secure software engineering, CI/CD automation, and cloud-native security practices across AWS, Azure, and GCP. This role combines hands-on technical expertise with strategic leadership, helping implement scalable, automated, and secure DevSecOps frameworks that safeguard our infrastructure and product environments. You will play a key role in building secure-by-design systems, managing cryptographic frameworks, and leading automation across security monitoring, vulnerability management, and incident response.

Responsibilities

DevSecOps Architecture & Automation

Design and enhance secure CI/CD pipelines integrating SAST, DAST, dependency scanning, and container image scanning (e.g., Trivy, SonarQube, Snyk).

Implement automated policy enforcement using IaC and GitOps (Terraform, Helm, Ansible).

Lead multi-cloud security integration across AWS, GCP, and Azure, including IAM, KMS, and encryption services.

Drive automation of compliance, vulnerability management, and remediation workflows.

Collaborate with developers to embed security throughout the SDLC ('shift-left' security).

Cloud & Platform Security

Manage and secure Kubernetes and containerized workloads across QA, staging, and production.

Enforce secure configurations based on CIS Benchmarks, STIGs, and NIST 800-53 guidelines.

Implement key management, certificate lifecycle management, and cryptographic controls (PKI, RSA, ECC, AES, X.509).

Support multi-cloud IAM integration (Okta, JumpCloud, Duo, SailPoint) ensuring SSO and MFA best practices.

Oversee WAF management, network segmentation, and security hardening.

Security Operations & Monitoring

Lead vulnerability management using Qualys, Burp Suite, SonarCloud, and cloud-native scanners.

Monitor and manage endpoint protection via SentinelOne or equivalent EDR tools.

Perform secret detection and secure code review; coordinate with dev teams for rotation and remediation.

Integrate SIEM solutions and automate alerting for real-time threat detection.

Support and enhance incident response procedures, including detection, containment, and forensics.

Governance, Risk & Compliance

Ensure adherence to security and compliance frameworks (ISO 27001, SOC 2, NIST).

Contribute to security audits, automation of evidence collection, and reporting.

Maintain and evolve security documentation, standards, and runbooks for DevSecOps workflows.

Participate in vendor and third-party risk management, assessing security posture and integration risks.

Leadership & Continuous Improvement

Mentor junior security and DevOps engineers; promote secure engineering culture across teams.

Evaluate and introduce emerging tools for threat modeling, scanning, and cryptographic management.

Drive automation-first initiatives to reduce operational overhead and human error.

Lead post-incident reviews and contribute to architecture improvements.

Required Skills & Qualifications:

Preferred candidate will have Master's degree/PhD in computer science/Computer Engineering /Cyber security or in a relevant field with 15+ years of experience in DevSecOps, Security Engineering, or Cloud Security roles.

Strong knowledge of PKI, KMS, and cryptographic standards (RSA, AES, ECC, SHA, TLS).

Hands-on expertise in CI/CD automation, Kubernetes, Docker, and cloud services (AWS, GCP, Azure).

Proficiency with Terraform, Ansible, and scripting languages (Python, Go, or Bash).

Deep understanding of IAM, SSO/MFA, and federated identity protocols (OAuth 2.0, OIDC, SAML 2.0).

Experience managing WAFs, EDR, and SIEM solutions.

Familiarity with security frameworks (ISO, NIST, CIS Benchmarks).

Preferred / Nice to Have:

Certifications: CKA, CKS, CISSP, Security+, Terraform Associate, or CEH.

Experience with Venafi CLM, Gemalto Key Secure, or HSM integrations.

Exposure t

Principal Security Engineer

About the role

Responsibilities

Benefits

Additional Information

Your Match

Company Intel

What employees say

Interested in this role?