Senior Security Engineer
Job in Navi Mumbai, India
Listed on 2026-06-17
Listing for: Arcitech
Full Time position
Job specializations:
- IT/Tech
  Cybersecurity, Cloud Computing: Infrastructure & Operations, Data Security, Security Manager
Job Description & How to Apply Below
Location - Vashi, Navi Mumbai (On site)
Experience - 5+ yrs
Budget - 8 LPA to 12 LPA
IMMEDIATE JOINERS PREFERRED
About Arcitech:
Arcitech is an enterprise AI automation and software development company building modern,
AI-native products. Several of our products handle sensitive data, and security is
central to how we build and ship. We are looking for a hands-on Senior Security Engineer to
own the security of our applications and cloud infrastructure end to end.
About the Role:
This is a hands-on, implementation-focused role — not an advisory one. You will spend most of
your time finding real vulnerabilities, deploying real security controls, and securing real CI/CD
pipelines and cloud environments. Our infrastructure is AWS-primary, and you will also help us
introduce and secure additional, cost-optimized cloud and server environments as we grow. You
will work directly with our product tech leads, our DevOps team, and an external security testing
partner to take each product to a strong, audit-ready security posture. If you enjoy building and
shipping security controls rather than only writing policy, this role is for you.
Key Responsibilities:
Application Security
• Conduct threat modeling on real application architectures, data flows, and APIs, producing
specific, actionable output.
• Perform vulnerability assessments and penetration testing on web applications and APIs;
identify, prioritize, and track findings to closure.
• Perform secure code review and partner with developers to fix vulnerabilities, with
attention to authentication, payment flows, data isolation, and PII handling.
• Define and enforce a secure-coding standard tailored to our stack (Python/Django,
Node.js, React).
Cloud & Infrastructure Security (AWS-Primary, Multi-Cloud Capable)
• Harden and continuously monitor our AWS environment (primary platform): IAM
least-privilege, network segmentation, encryption, logging (CloudTrail), and threat detection
(GuardDuty, Inspector, or equivalent).
• Implement and operate Cloud Security Posture Management (CSPM) to detect
misconfigurations and drift — across AWS and any additional providers we adopt.
• Apply portable, vendor-neutral security through Infrastructure as Code (Terraform) and
container/Kubernetes security, so controls travel with the workload regardless of provider.
• Manage secrets properly (AWS Secrets Manager / Parameter Store or HashiCorp Vault)
and eliminate hardcoded credentials.
• Work with the DevOps team to introduce and secure additional, cost-optimized server
environments (e.g., Azure or cost-focused providers), extending our security standards to
each new platform.
• Administer Linux servers and cloud environments with security as the default; support
uptime, scalability, and patching.
DevSecOps & Pipeline Security
• Build and maintain security gates in CI/CD pipelines (Jenkins, GitHub Actions, or GitLab
CI/CD): SAST, DAST, software composition analysis, container image scanning, and IaC
scanning.
• Implement Infrastructure as Code security using Terraform or CloudFormation with
automated policy checks (e.g., Checkov, Trivy).
• Deploy and validate developer-side security tooling and automate security tasks using
Python and/or Bash.
Monitoring, Incident Response & Collaboration
• Set up centralized logging and monitoring (CloudWatch, ELK, Prometheus, Grafana, or
equivalent) with alerting and incident workflows.
• Define and run an incident response process; investigate and remediate security incidents.
• Work directly with tech leads, DevOps, QA, and developers to ensure controls are
implemented, not just recommended.
• Coordinate an external security testing partner for periodic deep penetration testing, and
drive their findings to closure.
Compliance & Audit Readiness
• Build and maintain the security artifacts required during enterprise customer due diligence
(security questionnaires, VAPT reports, data-handling documentation).
• Establish practices aligned with relevant standards (e.g., OWASP, and PCI-DSS /
data-protection requirements where applicable).
Required Qualifications:
• 5+ years hands-on experience in application security, cloud security, and/or DevSec…
Position Requirements: 10+ Years work experience