Lead Information Security Engineer (Cybersecurity Lead)

Cybersecurity Lead, Information Security Engineer, SIEM & Threat Management, DevSecOps & CI/CD Security, Zero Trust Architecture (ZTA), IAM & Privileged Access Management (PAM), Penetration Testing & Ethical Hacking, ISO 27001, NIST, SOC2 Compliance, Incident Response & Risk Management, Kubernetes & Cloud Security,

Job Title: Lead Information Security Engineer (Cybersecurity Lead)

Location: Bangalore
Experience: 8-12 years
Positions: 1
Department: Information Security (InfoSec)
Employment Type: Full-Time (Work from Office)

About YSECIT

YSECIT is committed to securing its on-premises data centers, DevOps pipelines, and enterprise applications against evolving cyber threats. As part of our Cybersecurity Center of Excellence (CCoE) initiative, we are hiring an experienced Lead Information Security Engineer to drive security strategy, governance, and risk management across our global infrastructure.

Key Responsibilities

1. Security Strategy & Governance

• Define and implement enterprise-wide cybersecurity strategy aligned with business goals.
• Establish security policies, standards, and compliance frameworks (ISO 27001, SOC2, NIST, GDPR).
• Conduct risk assessments, audits, and vulnerability management across IT infrastructure.
• Collaborate with senior leadership to develop a security roadmap for the organization.

2. Security Operations & Threat Management

• Lead threat intelligence, incident detection, and response programs.
• Design and implement SIEM (Security Information & Event Management) solutions for proactive monitoring.
• Establish intrusion detection & prevention systems (IDS/IPS), endpoint security, and log analytics.
• Monitor and analyze cyber threats, vulnerabilities, and attack vectors to strengthen security posture.

3. DevSecOps & On-Prem Infrastructure Security

• Embed security best practices in CI/CD pipelines (GitLab CI/CD, ArgoCD).
• Implement container security scanning (Trivy, Clair, AquaSec) and runtime protection.
• Define Zero Trust Architecture (ZTA) principles for network and infrastructure security.
• Ensure encryption, access control, and firewall configurations in on-prem Kubernetes clusters.

4. Identity & Access Management (IAM)

• Implement and manage Role-Based Access Control (RBAC) and Privileged Access Management (PAM).
• Ensure multi-factor authentication (MFA) and least privilege access control across IT systems.
• Conduct periodic access reviews and audits to prevent insider threats.

5. Security Awareness & Compliance

• Lead security awareness training programs for employees.
• Ensure compliance with global and industry-specific regulations.
• Conduct penetration testing, red teaming, and security drills.
• Develop incident response plans and disaster recovery strategies.

Key Skills & Technologies

• Cybersecurity Governance (ISO 27001, NIST, SOC2, GDPR, PCI DSS)
• SIEM, IDS/IPS, Endpoint Security (ELK Stack, Splunk, Suricata, Wazuh, OSSEC)
• DevSecOps & Secure CI/CD (GitLab CI/CD, ArgoCD, SAST, DAST, KICS)
• Cloud & On-Prem Security (Zero Trust, RBAC, Kubernetes Security, Encryption, Firewalls)
• IAM & Authentication (LDAP, OAuth, SAML, MFA, PAM, AD)
• Penetration Testing & Ethical Hacking (Metasploit, Burp Suite, Nmap, OWASP ZAP)

Qualifications

• Bachelors or Masters degree in Cybersecurity, Computer Science, or IT.
• 8-12 years of experience in enterprise cybersecurity roles.
• Experience in on-prem infrastructure security and compliance.
• Proven experience with SIEM, IDS/IPS, IAM, and DevSecOps tools.
• Industry certifications preferred: CISSP, CISM, CEH, OSCP, CRISC.
• Strong analytical, leadership, and problem-solving skills.

Why Join YSECIT?

✔ Build & lead cybersecurity from the ground up in a high-tech enterprise.
✔ Work with cutting-edge security technologies in a high-security environment.
✔ Collaborate with DevOps, IT, and executive leadership to drive security strategy.
✔ Competitive salary, leadership opportunities, and career growth.

How to Apply?

Send your resume to manushree.raju@ysecit.com with the subject line:
Application for Lead Information Security Engineer – YSECIT