كلما زادت طلبات التقديم التي ترسلينها، زادت فرصك في الحصول على وظيفة!

إليك لمحة عن معدل نشاط الباحثات عن عمل خلال الشهر الماضي:

عدد الفرص التي تم تصفحها

عدد الطلبات التي تم تقديمها

استمري في التصفح والتقديم لزيادة فرصك في الحصول على وظيفة!

هل تبحثين عن جهات توظيف لها سجل مثبت في دعم وتمكين النساء؟

اضغطي هنا لاكتشاف الفرص المتاحة الآن!
نُقدّر رأيكِ

ندعوكِ للمشاركة في استطلاع مصمّم لمساعدة الباحثين على فهم أفضل الطرق لربط الباحثات عن عمل بالوظائف التي يبحثن عنها.

هل ترغبين في المشاركة؟

في حال تم اختياركِ، سنتواصل معكِ عبر البريد الإلكتروني لتزويدكِ بالتفاصيل والتعليمات الخاصة بالمشاركة.

ستحصلين على مبلغ 7 دولارات مقابل إجابتك على الاستطلاع.


تم إلغاء حظر المستخدم بنجاح
شكراً لك، تم إرسال بلاغك وسيتم مراجعته قريباً.
https://bayt.page.link/uBYG7FxMGv9svKpv9
العودة إلى نتائج البحث‎

Senior Security Engineer

قبل 11 ساعة 2026/11/14 ·ينتهي التقديم خلال 119 يومًا
خدمات الدعم التجاري الأخرى
أنشئ تنبيهًا وظيفيًا لوظائف مشابهة
تم إيقاف هذا التنبيه الوظيفي. لن تصلك إشعارات لهذا البحث بعد الآن.

الوصف الوظيفي

Company - Arcitech AI Location : Turbhe, Navi Mumbai (On site) Experience : 5+ Years Budget - 12lpa Immediate Joiners preferred About Arcitech :- Arcitech is an enterprise AI automation and software development company building modern, AI-native products at scale.
Several of our products handle sensitive data, and security is central to how we build and ship.
We are looking for a hands-on Senior Security Engineer to own the security of our applications and cloud infrastructure end to end.
About the Role:- This is a hands-on, implementation-focused role — not an advisory one.
You will spend most of your time finding real vulnerabilities, deploying real security controls, and securing real CI/CD pipelines and cloud environments.
Our infrastructure is AWS-primary, and you will also help us introduce and secure additional, cost-optimized cloud and server environments as we grow.
You will work directly with our product tech leads, our DevOps team, and an external security testing partner to take each product to a strong, audit-ready security posture.
If you enjoy building and shipping security controls rather than only writing policy, this role is for you.
Key Responsibilities:- Application Security- • Conduct threat modeling on real application architectures, data flows, and APIs, producing specific, actionable output.
• Perform vulnerability assessments and penetration testing on web applications and APIs; identify, prioritize, and track findings to closure.
• Perform secure code review and partner with developers to fix vulnerabilities, with attention to authentication, payment flows, data isolation, and PII handling.
• Define and enforce a secure-coding standard tailored to our stack (Python/Django, Node.
js, React).
Cloud & Infrastructure Security (AWS-Primary, Multi-Cloud Capable)- • Harden and continuously monitor our AWS environment (primary platform): IAM least- privilege, network segmentation, encryption, logging (CloudTrail), and threat detection (GuardDuty, Inspector, or equivalent).
• Implement and operate Cloud Security Posture Management (CSPM) to detect misconfigurations and drift — across AWS and any additional providers we adopt.
• Apply portable, vendor-neutral security through Infrastructure as Code (Terraform) and container/Kubernetes security, so controls travel with the workload regardless of provider.
• Manage secrets properly (AWS Secrets Manager / Parameter Store or HashiCorp Vault) and eliminate hardcoded credentials.
• Work with the DevOps team to introduce and secure additional, cost-optimized server environments (e.
g., Azure or cost-focused providers), extending our security standards to each new platform.
• Administer Linux servers and cloud environments with security as the default; support uptime, scalability, and patching.
DevSecOps & Pipeline Security- • Build and maintain security gates in CI/CD pipelines (Jenkins, GitHub Actions, or GitLab CI/CD): SAST, DAST, software composition analysis, container image scanning, and IaC scanning.
• Implement Infrastructure as Code security using Terraform or CloudFormation with automated policy checks (e.
g., Checkov, Trivy).
• Deploy and validate developer-side security tooling and automate security tasks using Python and/or Bash.
Monitoring, Incident Response & Collaboration- • Set up centralized logging and monitoring (CloudWatch, ELK, Prometheus, Grafana, or equivalent) with alerting and incident workflows.
• Define and run an incident response process; investigate and remediate security incidents.
• Work directly with tech leads, DevOps, QA, and developers to ensure controls are implemented, not just recommended.
• Coordinate an external security testing partner for periodic deep penetration testing, and drive their findings to closure.
Compliance & Audit Readiness- • Build and maintain the security artifacts required during enterprise customer due diligence (security questionnaires, VAPT reports, data-handling documentation).
• Establish practices aligned with relevant standards (e.
g., OWASP, and PCI-DSS / data- protection requirements where applicable).
Required Qualifications:- • 5+ years hands-on experience in application security, cloud security, and/or DevSecOps, with controls you have personally implemented — not only assessed or advised on.
• AWS expertise (mandatory, primary).
Deep, hands-on experience securing AWS environments.
Most of our infrastructure runs on AWS and will continue to.
• A second cloud (required, demonstrated).
Hands-on experience securing at least one other provider — Azure, GCP, or a cost-focused provider such as DigitalOcean, Hetzner, or OVH.
This must be work you have actually delivered, not a willingness to learn.
• Portable, vendor-neutral skills.
Strong Infrastructure as Code (Terraform) and container/Kubernetes security — the skills that let security and workloads move safely between providers.
• Application security depth.
Proven experience with threat modeling, VAPT, and secure code review on real applications and APIs.
• CI/CD and IaC security.
Hands-on experience integrating security into pipelines and securing Infrastructure as Code (Terraform / CloudFormation).
• Containers.
Working experience securing Docker and Kubernetes environments.
• Scripting.
Practical Python and/or Bash for automation.
• Tooling. Familiarity with SAST/DAST/SCA tools, vulnerability scanners, CSPM, and monitoring stacks.
• Linux. Solid Linux system administration.
• Communication.
Able to give a tech lead a clear, specific, prioritized list of what to fix and why.
لقد تمت ترجمة هذا الإعلان الوظيفي بواسطة الذكاء الاصطناعي وقد يحتوي على بعض الاختلافات أو الأخطاء البسيطة.
لقد تجاوزت الحد الأقصى المسموح به للتنبيهات الوظيفية (15). يرجى حذف أحد التنبيهات الحالية لإضافة تنبيه جديد.
تم إنشاء تنبيه وظيفي لهذا البحث. ستصلك إشعارات فور الإعلان عن وظائف جديدة مطابقة.
هل أنت متأكد أنك تريد سحب طلب التقديم إلى هذه الوظيفة؟

لن يتم النظر في طلبك لهذة الوظيفة، وسيتم إزالته من البريد الوارد الخاص بصاحب العمل.