Principal Security Engineer
Location
Bangalore | India
Job description
Grow your career with a growing organization
Whether they're helping people reach their long-term financial goals or providing personal wealth management strategies, every associate contributes to changing the lives of those we serve for the better. When it comes to job satisfaction, that's hard to beat. And from a personal satisfaction perspective, you'll enjoy the freedom to support causes that matter to you and experience a truly inclusive work environment. Your future starts now.
As a Principal Security Engineer in our Technology Innovation Lab, you will drive both business and security innovation while playing a key role in our adoption of emerging technologies such as Generative AI.
What you will Do:
You will be embedded with our team of technologists to help securely design, pilot & implement tools and systems using emerging technologies. This will involve defining standards & guardrails, crafting secure design patterns, performing security assessments of vendor/opensource technologies using a risk-based, threat-modeling approach.
The Principal Security Engineer will have the following core responsibilities:
- Partner with Enterprise Architecture and technology teams to create secure designs that meet security requirements and enable business objectives
- Participate in emerging technology proof-of-concepts or pilot projects while retaining an eye on meeting security obligations and good practice
- Develop relationships, repeatable processes, and resources to usher security champions within The Innovation Lab
- Perform threat-modeling as required to substantiate the recommendations & designs
- Participate in the development and maintenance of security policy, standards & reference materials
- Review and contribute to infrastructure-as-code representations of architecture designs or changes
Candidate
You are passionate, curious, and self-driven. You have a passion for trying new things, working with emerging technologies, and aren't afraid to fail fast-forward. You enjoy understanding and solving complex problems with incomplete information. You may not know everything, but you have a solid foundation and can untangle, self-learn, and identify creative ways to solve problems. Likewise, you should be extremely comfortable architecting secure cloud-based systems, and you should be able to convey security threats, business implications & architectural requirements to both technical & non-technical audiences.
What you will bring:
- Ability to collaborate & communicate effectively with technical & non-technical teams
- Extensive experience designing & building secure cloud-native solutions, especially in Amazon Web Services (AWS) & Microsoft Azure
- Ability to partner with multiple stakeholders to derive accurate threat models for new/existing systems and reduce information security risk on systems
- Demonstrable experience and passion for emerging technologies
- Knowledge of Infrastructure-as-Code (IaC) principles & experience reviewing infrastructure configurations/changes in this format (e.g., CloudFormation, Terraform, etc.)
- Strong technical foundations in modern application/microservice architectures & related technologies (e.g., Containers, Kubernetes, Service Mesh, RESTful/gRPC APIs, etc.)
- Understanding of CI/CD & Secure Development processes & tools (e.g., Jenkins, Git, etc.)
- Strong foundation in cybersecurity landscape, especially in identity & access management, network access control and secure configuration management
- Bachelor's degree in Information Technology, Computer Science, or related field; or equivalent experience.
What will set you apart:
- Familiarity with AWS Well-Architected Framework or Microsoft's Cloud Adoption Framework
- Familiarity with scrum project management tools (e.g., Jira)
- Professional certifications such as: AWS Certified Solutions Architect, AWS Cloud Practitioner, Certified Cloud Security Professional (CCSP), Certified Secure Software Engineer, SANS/GIAC Certificates, or Certified Information Systems Security Professional (CISSP)
- Experience working in Financial Services or FinTech space
This job description is not intended to be an exhaustive list of all duties, responsibilities and qualifications of the job. The employer has the right to revise this job description at any time. You will be evaluated in part based on your performance of the responsibilities and/or tasks listed in this job description. You may be required perform other duties that are not included on this job description. The job description is not a contract for employment, and either you or the employer may terminate employment at any time, for any reason.
We are an equal opportunity employer with a commitment to diversity. All individuals, regardless of personal characteristics, are encouraged to apply. All qualified applicants will receive consideration for employment without regard to age, race, color, national origin, ancestry, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, religion, physical or mental disability, military or veteran status, genetic information, or any other status protected by applicable state or local law.
COVID COVID vaccinations are required for all individuals working in any Empower office location or who participate in in-person meetings and/or business activities, subject to state and local laws. Most Empower positions may require on-site presence on an occasional or regular basis and associates will need to provide proof of COVID vaccination, subject to state and local laws. Associates unable to comply with the COVID vaccination requirement due to medical reasons may request an accommodation.
Workplace Flexibility:
Job tags
Salary
