IT & Security Engineer

IT Security & Infrastructure Engineer

Location: Mumbai |
Employment Type: Full-time, on-site |
Travel: Occasional, for new site deployments

We are seeking a hands‑on IT Security & Infrastructure Engineer to manage and secure our day‑to‑day IT environment, while growing alongside us as we mature our security and compliance program. The organization is actively pursuing ISO 27001:2022 and SOC 2 certification, operates across Azure and AWS
, and runs a synchronized multi-firewall setup. This is a genuine growth role. The successful candidate will begin with hands‑on responsibilities across endpoints, firewalls, network infrastructure, and end‑user support — and progressively take on broader cloud networking, multi‑firewall management, and compliance support. We are looking for someone with practical early‑career experience who aspires to grow into a Security Engineer or Cloud Security role, rather than remain in pure operations.

The role is intentionally varied: a single day may involve resolving an end‑user issue, configuring a site‑to‑site VPN tunnel to an Azure VNet, and travelling to a new office to set up server and network infrastructure. Breadth and adaptability are core to the position.

Area Tools and Platforms

• Security Next‑gen firewall, XDR, and VPN platforms (e.g. Sophos, Fortinet, Palo Alto)
• Endpoint Management Unified endpoint management tools (e.g. Manage Engine, Intune, SCCM)
• Mobile Device Management MDM platforms for iOS and Android patching, policy enforcement, and remote control
• Network Managed L2 switches and enterprise APs (e.g. TP‑Link, EnGenius, Ubiquiti)
• Endpoints Windows, macOS, iOS, and Android
• Access Control Biometric devices (e.g. ESSL, Matrix, or equivalent)
• Identity Microsoft Active Directory
• Cloud Azure and AWS virtual networks, linked to on‑premise infrastructure

• Multi‑firewall synchronized configuration (HA and multi‑site)
• Azure and AWS virtual networks linked to on‑premise firewall via IPSec site‑to‑site VPN
• ISO 27001:2022 ISMS implementation underway
• SOC 2 readiness and audit support in progress
• Periodic new office and server room rollouts as the business expands

• Troubleshoot day‑to‑day Windows and macOS issues, including boot problems, profile corruption, application crashes, performance issues, and update or driver glitches
• Resolve common end‑user concerns across Office productivity tools, Wi‑Fi, printer setup, VPN access, password resets, and One Drive/Share Point
• Provide basic support for the iOS and Android mobile fleet
• Handle hardware‑level tasks such as RAM/SSD upgrades, peripheral setup, and docking stations
• Maintain a disciplined ticketing rhythm — log, prioritize, resolve, and document

• Manage the endpoint fleet through a unified endpoint management platform for patch management, software deployment, asset tracking, and remote troubleshooting
• Execute Windows and macOS patch cycles end‑to‑end
• Enroll new machines into the Active Directory domain and apply baseline GPOs and security policies
• Manage user onboarding and offboarding cleanly

• Administer the MDM platform for iOS and Android devices — enrollment, policy enforcement, and remote control
• Run mobile OS patch management through the MDM platform — schedule, deploy, and verify OS and app updates across the mobile fleet
• Enforce baseline mobile security policies — passcode requirements, encryption, app restrictions, and remote wipe readiness
• Track mobile device compliance and remediate non‑compliant devices

• Perform day‑to‑day firewall administration — rules, NAT, web filtering, traffic shaping, and log review
• Configure and monitor VPN services — site‑to‑site tunnels and remote‑access connectivity
• Use the XDR / endpoint security console to triage alerts, investigate incidents, and document findings
• Help maintain the synchronized multi‑firewall configuration, ensuring rules and policies remain in sync across devices

• Configure and manage Azure Virtual Networks and AWS VPCs at a moderate level — subnets, route tables, NSGs / security…