Senior Security Engineer
IT | Hybrid in Hyderabad, India | Full Time
Job Purpose:
Provides hands-on technical and security support across enterprise environments, including performing manual security testing, assisting with vulnerability identification and remediation, and supporting threat response activities. Contributes to cloud security posture monitoring, participates in responsible disclosure and bug bounty processes, and supports ongoing compliance initiatives. Aids in the investigation and response to security incidents, monitors threat intelligence sources, and helps implement security controls across systems, applications, and Office365 environments. Also assists with maintaining documentation and gathering evidence for audits related to SOC 2 Type 2, PCI-DSS, and ISO 27001 frameworks. Supports sales and client teams by contributing to responses for security audits, risk assessments, and customer security questionnaires.
Job Responsibilities:
Essential Functions:
This position operates under limited supervision with a high degree of independence in day-to-day security tasks. The Security Engineer supports enterprise security operations, infrastructure protection, and compliance efforts. Key responsibilities include:
- Perform manual security testing and assist with 2nd and 3rd level investigation and resolution of security-related support tickets.
- Participate in vulnerability management processes, including scanning, tracking, reporting, and remediation assistance.
- Monitor and support cloud security posture across environments (e.g., AWS, Azure), contributing to secure configuration and alerting.
- Support Office365 security administration and monitoring efforts
- Assist in monitoring threat intelligence feeds and help correlate findings with internal environments to identify potential risks.
- Respond to and support the triage and resolution of security incidents in coordination with internal teams and vendors to minimize business impact.
- Contribute to the intake and triage process for responsible disclosure reports and bug bounty submissions.
- Provide security support for customer audits and sales enablement activities by helping to complete security questionnaires and assessments.
- Assist with maintaining and collecting evidence for compliance frameworks such as SOC 2 Type 2, PCI-DSS, and ISO 27001.
- Help train and support internal teams in secure configurations and processes.
- Work with internal infrastructure, development, and compliance teams to implement and maintain security standards and controls.
- Research, test, and provide input on new security tools, products, and practices.
- Maintain accurate records of work performed, including documentation and ticketing of changes and issues.
Non-Essential Functions:
- May be required to participate in an on-call rotation outside of normal business hours to support security incident response or high-priority investigations.
- May assist with ad-hoc security-related tasks or projects outside of core responsibilities
Requirements:
Required Education and Experience:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent technical experience
- Minimum 3+ years of experience in information security, cybersecurity, or in a security engineering role
- Hands-on experience with manual security testing and vulnerability management practices
- Working knowledge of private and public cloud environments and cloud security posture management (e.g., AWS, Azure, or GCP)
- Familiarity with security compliance frameworks (SOC 2 Type 2, PCI-DSS, ISO 27001)
- Experience with MS Azure security and Office365 security tools (e.g., Microsoft Defender, Purview, Security & Compliance Center)
- Understanding of incident response processes and tools
- Exposure to responsible disclosure or bug bounty program workflows
- Ability to document technical findings and produce support materials for audit and remediation purposes
- Minimum 2+ years of experience with Penetration Testing tools such as Nmap, Burp Suite, OWASP ZAP, Nikito, SQLmap, Postman, MetaSploit, Mimikatz, Bloodhound, Maltego and others
Preferred Education and Experience:
- Bachelor’s degree or equivalent experience.
- Related certifications
Expected Competencies:
- Strong verbal and written communication skills
- Must be able to prioritize and take initiative
- Demonstrate excellent service skills
- Strong English communication skills, both written and verbal
Work Schedule:
Monday through Friday from 12 PM to 9 PM IST. This will provide healthy overlap between India team and US team and supporting both to ensure adequate collaboration. This role will be working in Hybrid Mode and will require at least 2 days’ work from office at Hyderabad or Gurugram
Travel:
This position may require up to 10% travel. Travel may be outside the local area and overnight
EEO Statement
Cendyn provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Cendyn complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
Cendyn expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Cendyn’s employees to perform their job duties may result in discipline up to and including discharge.
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.