Security Engineer

Job Description

We are seeking a talented and motivated Security Engineer to join our team. The ideal candidate will possess a solid foundation in security practices and a proactive approach to safeguarding our digital ecosystem. This role requires a balance of technical expertise, strategic thinking, and an understanding of regulatory requirements.

Key Responsibilities

• Design, implement, and maintain robust security measures in AWS cloud environments.
• Manage IAM roles and enforce least-privilege principles across cloud resources.

• Conduct comprehensive penetration tests for web applications, APIs, and mobile applications.
• Identify vulnerabilities and recommend actionable mitigations.

• Create and implement scalable security architectures to meet organizational needs.
• Ensure security designs align with industry best practices and compliance requirements.

• Develop, implement, and maintain compliance frameworks (preferably ISO 27001).
• Formulate and review organization-wide security policies, processes, and procedures.
• Assist in audits and evidence collection for compliance requirements.

• Have basic knowledge of SEBI guidelines and/or the DPDP Act for security compliance.
• Ensure organizational security measures adhere to applicable regulations.

• Deploy and manage security controls like WAF, MDM, SIEM, API Gateway, and SSO solutions.
• Monitor and improve the performance and effectiveness of these controls.

• Handle security-related administrative activities efficiently.
• Maintain updated documentation of security tools, processes, and incident reports.

• Conduct security awareness training sessions for employees.
• Perform periodic security assessments to evaluate organizational preparedness.

• Experience: 3-6 years in cybersecurity, with proven hands-on expertise in the above responsibilities.
• Expertise in penetration testing methodologies and tools.
• Proficiency in designing security architectures and implementing security controls.
• Familiarity with compliance frameworks like ISO 27001.
• Understanding of regulatory guidelines such as SEBI and DPDP Act is a plus.
• Experience with organization-wide policy development and process implementation.
• Strong interpersonal skills to effectively conduct training and awareness programs.

• Strong knowledge of AWS Cloud Security and associated tools.
• Familiarity with deploying and managing WAFs, SIEM solutions, MDM tools, API gateways, and SSO systems.
• Knowledge of incident response and vulnerability management tools.
• Basic scripting and automation skills to streamline security processes.

• ESOPs based on performance
• Health insurance
• Statutory benefits like PF & Gratuity
• Remote work options
• Professional development opportunities
• Collaborative and inclusive work culture

Who We Are

EduFund is an early-stage platform that helps Indian parents plan for their child's higher education in advance. Our product allows families to invest for education, take education loans, and receive competitive scholarships! We were founded in 2020 by Eela Dubey (NYU 13) and Arindam Sengupta (Princeton 12).

EduFund team is filled with chai lovers, problem solvers, ridiculous jokes, and immeasurable passion towards our work. Our founding team has had the privilege of working at companies like Reliance, Goldman Sachs, CRISIL, GradRight, LeverageEdu, HDFC, and many others.

We have raised over $5M in funding from notable investors such as MassMutual Ventures, Kunal Shah, and DSP Investment Managers.

We are headquartered in Ahmedabad, with teams in Mumbai and Pune.

• Here's a taste of what it is like to work at EduFund: https://bit.ly/3t5hLpd

Skills: database security,architecture,networking technologies,metrics and kpis,system security engineering,intrusion detection systems,iso 27001,incident management,digital security,devsecops,anti-virus applications,compliance,content filtering,authentication systems,firewalls,jenkins,gitlab