Security Operations Engineer

ProNavigator
ProNavigator

Operations

Bengaluru, Karnataka, India

Posted on Jul 13, 2026

Job Description

Key Responsibilities

Authentication: Stand up and operate authentication flows across all Strike Team projects — JWT, AWS Cognito, SSO integrations, and machine-to-machine auth patterns.

Authorization & Access Controls: Implement role-based and attribute-based access control patterns. Maintain a reusable authorization library that Strike Teams consume rather than rebuild.

Compliance Implementation: Translate compliance requirements (SOC 2, regional data privacy, customer-driven controls) into concrete technical controls — encryption, key management, audit logging, data residency.

IP & Network Controls: Implement IP restrictions, VPC-level network segmentation, and traffic policies that protect customer data without blocking legitimate Strike Team workflows.

Security Patterns Library: Build and maintain a library of vetted security components (auth middleware, secret management helpers, audit log clients) that every Strike Team uses by default.

Security Reviews & Audit Support: Review Strike Team designs for security gaps, support customer audits, and partner with the QA Architect on security-focused testing standards.

KPIs & Success Metrics

Security controls implemented across all Strike Team projects (auth, authz, encryption, audit logging) with no critical gaps.

Reusable security library adoption — share of teams consuming vetted components rather than rebuilding.

Compliance readiness: SOC 2 and data-privacy controls in place; successful customer audit support.

Time-to-remediate security findings within SLA.

Zero preventable authentication or access-control incidents.

Key Skills & Experience

Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related technical field.

Experience: 8+ years of software engineering experience with a strong focus on security implementation — auth systems, compliance controls, or platform security.

Technical Proficiency:

Expert-level knowledge of authentication and authorization patterns (OAuth 2.0, OIDC, JWT, SAML).

Hands-on experience with AWS Cognito, IAM, KMS, and Secrets Manager.

Strong backend development skills (Python, Java, or TypeScript) — this is a hands-on engineering role, not a pure advisory one.

Working knowledge of common compliance frameworks (SOC 2, ISO 27001, GDPR) and how to translate them into engineering controls.

Familiarity with secure CI/CD patterns and supply-chain security (SBOM, dependency scanning).

Engineering Excellence: Track record of shipping production-grade security components. Comfortable being a coding security engineer, not just a reviewer.

Domain Context: (Preferred) Experience in regulated industries (insurance, finance, healthcare) or multi-tenant SaaS.

Preferred Skills & Experience

AI Security: Experience securing LLM-based applications — prompt injection defenses, output filtering, model access controls.

Cloud Security: AWS Security Specialty certification or equivalent.

Guidewire Knowledge: Familiarity with Guidewire Cloud security model.

Threat Modeling: Hands-on experience running threat modeling sessions for production systems.