Drivetrain logo
Drivetrain

Strategic finance platform for the modern business

Security Engineer

Location

India

Posted

5 days ago

Salary

0

Seniority

Mid Level

Job Description

Security Engineer

Drivetrain

• Design, implement, and maintain security controls across cloud infrastructure (AWS/GCP), CI/CD pipelines, and internal systems • Lead application security efforts: threat modeling, secure code review, and integrating SAST/DAST tooling into the development lifecycle • Own vulnerability management — triage, prioritize, and drive remediation of findings from scans, pen tests, and bug bounty reports • Monitor for and respond to security incidents; build and maintain incident response runbooks • Manage identity and access controls (SSO, RBAC, least-privilege enforcement) across internal and customer-facing systems • Support customer security questionnaires, audits, and certifications (e.g., SOC 2, ISO 27001) • Partner with engineering teams to embed secure-by-design practices into new features and services • Evaluate and implement security tooling (secrets management, endpoint protection, cloud security posture management) • Educate the broader team on security best practices and champion a security-first culture

Job Requirements

  • 2+ years of experience in security engineering, application security, or a related infrastructure/security role
  • Strong understanding of cloud security fundamentals (AWS or GCP), network security, and IAM
  • Experience with secure SDLC practices — code review, dependency scanning, CI/CD pipeline security
  • Familiarity with common frameworks and standards (OWASP Top 10, SOC 2, ISO 27001, GDPR)
  • Hands-on scripting/automation skills (Python, Go, or similar) for building internal security tooling
  • Experience responding to and documenting security incidents
  • Clear communicator who can translate security risk into terms non-security stakeholders understand
  • Experience securing a SaaS product handling sensitive financial data (nice to have)
  • Prior experience leading a SOC 2 Type II or ISO 27001 audit from the engineering side (nice to have)
  • Familiarity with container security (Docker/Kubernetes) and IaC scanning (Terraform) (nice to have)
  • Relevant certifications (OSCP, CISSP, CCSP) — nice signal, not required

Related Categories

Related Job Pages

More Security Engineer Jobs

Loft logo

Senior Security Engineer – Product Security

Loft

Viramos a chave do mercado imobiliário para que mais pessoas realizem o sonho do lar ideal. #ViradaDeChaveLoft

Full TimeRemoteTeam 1,001-5,000Since 2018H1B Sponsor

• Lead Product Security and Cloud Security initiatives from design through operation • Influence architecture and product decisions, embedding security from development through production • Protect applications, APIs, and AWS environments, balancing security, performance, and availability • Proactively identify and mitigate risks, prioritizing automation and scalability • Serve as a technical reference for engineering teams, promoting best practices and reducing friction in the SDLC • Continuously evolve the security posture for cloud, applications, and generative AI • Define and operate protection strategies for applications and APIs using WAF/WAAP (preferably Azion) • Lead API security efforts, mitigating risks described in the OWASP API Security Top 10 • Improve AWS security posture using CSPM/CNAPP (Wiz or similar), Security Hub, GuardDuty, Inspector, and other native services • Develop automations for vulnerability remediation and security processes • Integrate security into the SDLC through threat modeling, security reviews, and AppSec practices • Define controls for the safe use of AI in engineering and products • Support incident response, technical documentation, and risk indicators

Brazil
Full TimeRemoteTeam 10,001+Since 1934H1B No Sponsor

• Deliver the full lifecycle of physical and electronic security elements within data centre and critical infrastructure projects. • Oversee technical installation quality, system integration accuracy, device placement, panel wiring, and alignment to global standards. • Serve as the on‑site embedded security representative, collaborating closely with construction, MEP, and infrastructure teams. • Lead functional testing of ACS, VMS, IDS, intercoms, sensors, physical hardware, and failover behaviour. • Verify installation and integration of physical security infrastructure.

Sweden
kr900K - kr1,100K / year
Ad Hoc LLC logo

PKI / IAM Security Engineer

Ad Hoc LLC

Digital-first government for the common good.

Full TimeRemoteTeam 501-1,000Since 2014H1B No Sponsor

• Design, implement, and operate identity, credential, and access management (ICAM) and public key infrastructure (PKI) capabilities • Engineering and operating ICAM services, including authentication, authorization, federation, and single sign-on for platform applications • Implementing and maintaining PKI, including certificate issuance, renewal, revocation, and key lifecycle management • Integrating Personal Identity Verification (PIV) card-based authentication in accordance with HSPD-12 and FIPS 201 • Configuring and managing cloud identity and access management (AWS IAM), including roles, policies, and least-privilege access • Applying federal identity standards and frameworks to platform design and operations • Advancing zero-trust principles across identity and access controls • Automating identity and access provisioning through infrastructure as code (Terraform) • Producing technical documentation and translating complex identity and security concepts for stakeholders • Working with government partners and application teams to meet security, compliance, and access requirements

United States
$130K - $135K / year
Noblis logo

Network Security Engineer

Noblis

An independent nonprofit organization, Noblis provides U.S. federal government clients with science, technology, and engineering services to solve challenging p

Title: Network Security Engineer (Multiple Levels) Location: Washington, Washington, DC; United States; Atlantic City, New Jersey 27320 Hybrid Full Time None Cyber Security Engineering Job Description: Responsibilities We are looking for highly technical professionals with a strong foundation in network architecture, design, and security — individuals who are ready to step up from traditional network engineering roles to take ownership of strategic, architecture-level responsibilities. Ideal candidates will have deep understanding of networking, security architecture and design, and experience applying Federal security guidelines (e.g, NIST 800-53, FISMA, etc.) to harden and secure systems. These are the types of professionals who understand both the big-picture architecture and the hands-on technical details, and who are prepared to make security-focused architectural recommendations in complex environments. The TIS Security Engineer will support the FAA Telecommunications and Integrated Services (TIS) Group and provide expert-level security engineering across the FAA’s FTI environment. This includes: - Analyzing and guiding network architecture to ensure cybersecurity is built-in from the ground up. - Performing hands-on reviews of system configurations, firewall rules, and network paths to align with FAA Orders, NIST 800-53, and federal cybersecurity standards. - Leading efforts in transitioning technologies (e.g., IPv4 to IPv6, microwave radio refreshes) from a cybersecurity and network architecture perspective. - Supporting the integration of Zero Trust, Software-Defined Networking (SDN), and defense-in-depth strategies into enterprise-level solutions. - Acting as a technical bridge between FAA cyber stakeholders and infrastructure providers (network, security, cloud). - Evaluating vendor-proposed architectures and making expert-level recommendations based on federal policy, security principles, and industry best practices. Required Qualifications - Experience supporting federal government programs, ideally within the FAA or transportation sector. - Proven experience with hands-on network engineering or architecture and understands boundary protection design, configurations, firewalls, VPNs, IDS/IPS, and load balancing. - Knowledge of telecommunications infrastructure, including IPv4/IPv6, and WAN/LAN environments. - Understand federal cybersecurity frameworks (NIST RMF, FISMA, NIST SP 800-53 rev 5). - Can evaluate network and system security concepts for large-scale, safety-critical systems like those in the National Airspace System (NAS). - Comfortable advising on defense-in-depth architectures, Zero Trust CONOPS, SD-WANs, and emerging technologies. - Have experience collaborating with System Engineers, Program Managers, and cybersecurity stakeholders to support ATO packages and continuous monitoring. - Ability to develop system security plans, risk assessments, and related security documentation. - U.S Citizen or Green Card Permanent Resident (3+ years U.S. Residency) - Ability to obtain FAA Public Trust. Mid - Bachelor’s degree in Cybersecurity, Information Technology, Telecommunications, or a related field. - 6+ years of experience in cybersecurity or network security roles - Substitutions: For anything requiring a substitution, the government customer is subject to further review and either approve or deny the request. - A High School degree with a total of 10 years of experience in cybersecurity or network security roles - An Associates Degree with a total of 8 years of experience in cybersecurity or network security roles - Masters degree with a total of 3 years of experience in cybersecurity or network security roles. Compensation Ranges: for D.C., NJ, Remote: $105,100 - $164,125 Mid to senior - Bachelor’s degree in Cybersecurity, Information Technology, Telecommunications, or a related field. - 9+ years of experience in cybersecurity or network security roles - Substitutions: For anything requiring a substitution, the government customer is subject to further review and either approve or deny the request. - A High School degree with a total of 15 years of experience in cybersecurity or network security roles - Masters degree with a total of 6 years of experience in cybersecurity or network security roles. Compensation Ranges: for D.C, NJ, Remote: $127,100 - $198,575 Desired Qualifications - CISSP, Security+, CCNA, or similar certification. - FAA or transportation sector experience preferred. - Familiarity with Zero Trust Architecture, Security Orchestration, and network virtualization (e.g., NFV). - Strong written, verbal, and interpersonal skills. Overview Noblis and our wholly owned subsidiaries, Noblis ESI, and Noblis MSD tackle the nation's toughest problems and apply advanced solutions to our clients' most critical missions. We bring the best of scientific thought, management, and engineering expertise together in an environment of independence and objectivity to deliver enduring impact on federal missions. Noblis works with a wide range of government clients in the defense, intelligence and federal civil sectors. Why work at a Noblis company? Our employees find greater meaning in their work and balance the other things in life that matter to them. Our people are our greatest asset. They are exceptionally skilled, knowledgeable, team-oriented, and mission-driven individuals who want to do work that matters and benefits the public. Noblis has won numerous workplace awards. Noblis maintains a drug-free workplace. *Remote/hybrid status is subject to change based on Noblis and/or government requirements Posted Salary Range USD $105,100.00 - USD $198,575.00 /Yr.

District Of Columbia + 1 moreAll locations: District Of Columbia | New Jersey
$105.1K - $198.6K / year