About Plum

Plum is an employee insurance and health benefits platform focused on making health insurance simple, accessible and inclusive for modern organizations. Healthcare in India is seeing a phenomenal shift with inflation in healthcare costs 3x that of general inflation. A majority of Indians are unable to afford health insurance on their own; and so as many as 600mn Indians will likely have to depend on employer-sponsored insurance.

Plum is on a mission to provide the highest quality insurance and healthcare to 10 million lives by FY2030, through companies that care. Plum is backed by Tiger Global and Peak XV Partners.

Position Overview

We are seeking an experienced Senior Cybersecurity Engineer with 4+ years of expertise to lead our security initiatives and protect our healthcare platform. This role is critical in ensuring the security, privacy, and compliance of our systems that handle sensitive healthcare data for millions of users while enabling rapid business growth.

Key Responsibilities

Core Security Expertise
- Demonstrate deep understanding of security domain principles and concepts across multiple disciplines
- Lead expertise across critical security domains including:
  - Advanced Incident Response and forensics
  - Red Team operations and adversarial simulation
  - Sophisticated Malware Analysis and reverse engineering
  - Attack metrics development and threat modeling
  - Comprehensive Vulnerability Assessment & Penetration Testing
  - Proactive Threat Hunting & Root Cause Analysis
  - Malicious Code analysis and deciphering techniques
  - Advanced SIEM Analysis, XDR integration, and SOAR orchestration
- Execute complex incident triage based on advanced security parameters and established methodologies
- Leverage strong scripting expertise (Python, C#, JSON, shell scripting) for security automation and tool development
- Design and architect secure systems, networks, and application infrastructures for healthcare environments
- Maintain hands-on expertise with enterprise security tools including Symantec Endpoint Protection & Encryption, Tenable Nessus, Kali Linux, and Burp Suite

Cloud Security Architecture & Engineering
- Design and implement enterprise-grade secure cloud architectures aligned with industry frameworks (CIS, NIST, ISO 27001)
- Define, maintain, and enforce security patterns for Infrastructure as Code implementations using Terraform and Helm
- Architect comprehensive security for AWS and GCP services, Kubernetes clusters (EKS/GKE), serverless functions, and containerized workloads
- Lead the implementation of zero-trust security models and micro-segmentation strategies
- Design secure multi-cloud and hybrid cloud architectures for healthcare data processing

Security Operations & Monitoring
- Implement and optimize native cloud security tools including AWS Security Hub, GCP Security Command Center, and integrated third-party platforms
- Deploy and manage advanced security platforms including CrowdStrike, Snyk, Wiz, Prisma Cloud, and SentinelOne
- Configure and maintain Cloud Security Posture Management
- Integrate comprehensive security posture monitoring with observability tools like DataDog and enterprise SIEM platforms
- Conduct regular security audits, automated vulnerability assessments, and compliance verification checks
- Develop custom security metrics and KPIs for executive reporting

Incident Response & Threat Detection
- Lead investigation and response activities for complex cloud-based security incidents and data breaches
- Develop, maintain, and continuously improve incident response playbooks and forensics procedures
- Leverage threat intelligence feeds and frameworks to enhance detection capabilities and threat hunting activities
- Coordinate with external security vendors and law enforcement during major incidents
- Conduct post-incident reviews and implement preventive measures

Governance, Risk & Compliance
- Support and lead regulatory audits, comprehensive risk assessments, and compliance initiatives (ISO27001, GDPR, SOC2)
- Define, implement, and enforce enterprise cloud security standards, policies, and procedures
- Provide subject matter expertise in secure access management, data protection strategies, and encryption key management
- Manage vendor security assessments and third-party risk evaluations
- Develop and maintain security awareness training programs for technical and non-technical staff

Required Qualifications

Experience & Education
- 4+ years of hands-on experience in cybersecurity roles with a proven track record of securing production environments at scale
- Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Security, or related technical field
- Experience in healthcare, fintech, or other highly regulated industries is strongly preferred

Core Technical Expertise
- Cloud Security Platforms: Expert-level proficiency in cloud security architectures:
  - AWS: Deep knowledge of AWS security services, Security Hub, GuardDuty, CloudTrail, Config, IAM, KMS, and VPC security
  - GCP: Comprehensive understanding of Security Command Center, Cloud Security Scanner, Identity and Access Management, and VPC security controls
- Security Tools & Platforms: Hands-on experience with enterprise security solutions including:
  - Endpoint protection: Symantec Endpoint Protection & Encryption
  - Vulnerability management: Tenable Nessus, penetration testing frameworks
  - Security testing: Kali Linux, Burp Suite, OWASP methodologies
  - Cloud security: CrowdStrike, Snyk, Wiz, Prisma Cloud, SentinelOne
- Container & Kubernetes Security: Advanced proficiency in securing containerized environments including RBAC, network policies, admission controllers, and Pod Security Standards
- Programming & Scripting: Strong development skills in Python, Bash, Go, and Infrastructure as Code tools (Terraform, CloudFormation)
- Authentication & Authorization: In-depth understanding of modern identity protocols including OAuth2, OpenID Connect (OIDC), SAML, and zero-trust architectures

Security Specializations
- Incident Response: Proven experience leading complex security incident investigations and coordinating response activities
- Threat Intelligence: Experience with threat hunting, malware analysis, and leveraging threat intelligence platforms
- DevSecOps Integration: Hands-on experience integrating security tools into CI/CD pipelines and implementing security-as-code practices
- Security Architecture: Experience designing secure system architectures and implementing defense-in-depth strategies

Professional Certifications

Required Certifications (minimum 2 of the following):
- AWS Certified Security - Specialty
- Google Professional Cloud Security Engineer
- Certified Information Systems Security Professional (CISSP)
- Certified Kubernetes Security Specialist (CKS)
- Certified Information Security Manager (CISM)
- CompTIA Security+
- Certified Ethical Hacker (CEH)

Leadership & Communication Skills
- Proven ability to lead security initiatives and mentor junior security professionals
- Experience with crisis management and executive-level security reporting
- Strong written and verbal communication skills for technical and non-technical audiences
- Ability to work independently while collaborating effectively across cross-functional teams
- Experience with security awareness training and building security culture