Senior Engineer - Infra, Compliance & Security

We’re looking for a Senior Engineer with strong security experience (Data Privacy & Compliance) with strong experience in Python, Terraform, and AWS. You’ll play a key role in designing and maintaining secure and compliant infrastructure, automating compliance controls, and ensuring our systems meet global data privacy and security standards such as SOC 2, GDPR, and ISO 27001.

While your core focus will be on infrastructure security, compliance automation, and AWS, you may be required to develop other technology based modules such as Python, Ruby on Rails, internal documentation, or broader DevSecOps initiatives.

Responsibilities

• Architect security and data privacy solutions, set up infrastructure, develop common capabilities, document uptake recipes, and enable other developers uptake.
• Observe and monitor IT security and improve security operations on an ongoing basis in collaboration with the rest of the security and IT operations team.
• Implement security guardrails and baselines using Terraform and AWS native controls (Config, IAM, KMS, CloudTrail, Security Hub).
• Develop and maintain Python‑based automation for compliance validation, audit data collection, and remediation workflows.
• Contribute to secure CI/CD, BAU practices and integrate policy‑as‑code.
• Map and operationalize controls for GDPR, SOC 2, ISO 27001, PCI DSS, etc.
• Apply privacy‑by‑design principles for data storage, access control, and retention.
• Work with third parties, standards and compliance bodies to achieve industry certifications and maintain/improve the company's certification and compliance levels.
• Occasionally support Python and Rails applications by advising on secure configurations and dependencies.
• Help maintain documentation of security architecture, risk assessments, and compliance procedures.
• Partner with DevOps and Engineering teams to embed security and compliance early in design.

Qualifications & Skills

• Proficient in Python for automation, scripting, and AWS SDK (boto3) integrations.
• Strong experience with Terraform and infrastructure‑as‑code best practices.
• Deep understanding of general cloud security and AWS security services (IAM, KMS, CloudTrail, Config, Security Hub, GuardDuty).
• Solid understanding of network security, identity management, and data protection.
• Experience in regulated or audit‑driven environments (finance, SaaS, etc.).
• Experience implementing security monitoring, incident response automation.
• Aware of data privacy and compliance frameworks (GDPR, SOC 2, ISO 27001).
• Interest in compliance‑as‑code, privacy‑by‑design, or DevSecOps pipelines.
• Strong communication, team mentoring, process management, documentation.
• Prior experience working in compliance‑sensitive or regulated environments (finance, SaaS, healthcare).
• Exposure to Zero Trust architecture concepts and identity‑based access design.
• Knowledge of policy‑as‑code or security automation (OPA, Checkov, tfsec, Sentinel).
• Familiarity with web apps, including Rails application security (headers, CSRF, secrets management).

Benefits

• Provident Fund
• Medical Inpatient Facility
• Medical Outpatient Facility
• Paid Overtime
• In‑house subsidized lunch & dinner
• Gym Facility
• Entertaining activities
• Interest‑free loan facility
• Advance salaries
• Sports allowance