Information Security Engineer

Epergne Solutions

  • Chennai, Tamil Nadu
  • Permanent
  • Full-time
  • 1 month ago
Job Role: Information Security EngineerJob Location: Bangalore / ChennaiExperience: 6+ YearsJob Roles & Responsibilities:
  • Perform vulnerability assessments and policy compliance checks across on-premises, cloud-hosted systems, containers (e.g., Docker, Kubernetes), databases, and web services.
  • Use leading vulnerability scanning solutions like Qualys to identify and assess security risks.
  • Analyze vulnerability scan results, validate false positives, and ensure delivery of accurate and actionable reports.
  • Act as technical SME to interpret detection logic and assist infrastructure/application teams with effective remediation strategies.
  • Identify root causes for recurring security issues and propose long-term sustainable solutions.
  • Build and maintain a technical knowledge base to support vulnerability management (VM) team effectiveness.
  • Stay updated on emerging threats, vulnerabilities, and vulnerability management trends.
  • Ensure alignment with security policies, standards, and procedures; assist in translating security concepts to non-technical teams.
  • Draft and maintain documentation, including process guidelines, technical reports, and executive summaries.
  • Suggest service improvements based on technology evolution in networking, cloud, and security infrastructure.
  • Provide technical mentorship and act as line manager in the absence of the team lead.
Job Skills & Requirements:Education:
  • Bachelor's Degree in Engineering, Computer Science, Information Technology, or equivalent.
  • Industry certifications such as CISSP, CISA, CRISC, CISM, CCNA Security, CCNP Security, or CCIE are preferred.
Experience:
  • Minimum 6 years of experience in Information Security, preferably in Banking and Financial Services.
  • Proven expertise in risk/threat assessment, vulnerability management, and security operations.
Technical Skills:
  • Hands-on experience with vulnerability scanning tools like Qualys, Nessus, Rapid7, etc.
  • Proficiency in security assessment for cloud platforms (AWS, Azure, GCP) and container environments (Docker, Kubernetes).
  • Knowledge of networking components such as routers, switches, firewalls, load balancers, and proxies.
  • Ability to analyze, interpret, and communicate security threats and mitigations to both technical and non-technical audiences.
  • Working knowledge of policy compliance, risk consulting, and incident response procedures.
  • Strong understanding of information security frameworks and best practices (NIST, ISO, CIS benchmarks, etc.).

Epergne Solutions