Job Title: Security Engineer
Location:Remote
About The Role:
As a Security Engineer, you will help lead our internal security efforts. You will take our security program from good to excellent across various domains, including Application Security, Cloud Security, Compliance, and Detection and Response aligned to the company’s top priorities. You will contribute to our broader technical operations and compliance programs. The role is an excellent opportunity to apply hard-won security lessons in a rapidly growing company that places a premium on engineering-led solutions.
To succeed in this role, you must be self-driven and motivated by designing and deploying 'right-sized' security solutions. In addition, you must balance the competing demands of running a modern, employee-friendly security program in a quickly changing environment. We consider 'done' to be better than perfect'!
Key Responsibilities:
Build enterprise security control strategies, setting a security posture, and leading the implementation; across all stages of prevention, detection, and response.
Apply a software-development based approach with automation as a core part of our enterprise security controls.
Perform threat models, implementation reviews, and security testing; review requirements and designs.
Embed yourself into technology and business teams, acting as a "security player-coach".
Monitor and analyze production security events and, as needed, provide in-depth incident analysis.
Build relationships with other engineers, product managers, data engineers, operators, and business team members.
Empathize as you reduce risk while focusing on a great employee and user experience.
Multiple years of experience in technology / cyber security.
An ability to identify and provide a basic assessment of security threats.
An understanding of security problems, paired with an ability to suggest solutions to technology design problems.
Ability to automate tasks using software or scripting in combination with other technologies (ex: Lambda/GCP Functions/Azure Functions).
Cloud and SaaS experience.
Ability to mentor others on technical topics, including security.
Past experience with pushing technical initiatives; team, project, or indirect management of technology.
Past experience as a software engineer and secure product development.
Understanding of the interplay of compliance programs (SOC2, ISO27001) with enterprise security, and aligning them to a common goal.
Scrut Automation is an information security and compliance monitoring platform, aimed at helping small and medium cloud-native enterprises develop and maintain a robust security posture, and comply with various infosec standards such as SOC 2, ISO 27001, GDPR, and the like with ease. With the help of the Scrut platform, customers reduce their manual effort for security and compliance tasks by 70%, and build real-time visibility of their security posture.
Founded by IIT/ISB/McKinsey alumni, the founding team has over 15 years of combined Infosec experience. Scrut is built out of India for the world, with customers across India, APAC, North America, Europe and the Middle East. Scrut is backed by Lightspeed Ventures, MassMutual Ventures and Endiya Partners, along with prominent angels from the global SaaS community.
Why should this job excite you?
Flat-hierarchy, performance-driven culture
Rapid growth and learning opportunities
Comprehensive medical insurance coverage
A high-performing action-oriented team
Competitive package, benefits and employee-friendly work culture
Note: Due to a high volume of applications, only the shortlisted candidates will be contacted by the HR team. We appreciate your interest and effort.