Security Engineer

Swedium Global is looking for a Security Engineer

Location: Bangalore (onsite 2-3 times per week)

The Cyber Security team is looking to advance the Cyber security capabilities. If automating security infrastructure at large scale, developing secure solutions and products, embedding security controls & policies as code, providing support and security expertise to others excites you, you might want to consider joining us!  

Work within the Cyber security domain, focusing on the Automated security testing part of our services and improving overall security posture of products and systems for assigned business domain. You will be part of an agile team, constantly improving and automating the security posture of the cloud infrastructure. You will partner and support the engineering community to build secure infrastructure at scale. You will perform threat modeling and security risk assessments. 

Understanding of security compliance requirements such as GDPR, NIS2, ISO27000. You will build and operate reliable tooling to increase the visibility of cloud environments and remediate security misconfigurations. You will be a valued member of the team, providing sound perspectives on infrastructure security as well as secure software development.  You will be part of the Cyber Security organization, with a lot of room to grow and develop your skills, knowledge, and experience.

Requirements Specification:

Who you are? 

We are looking for people to join us who share and are passionate about culture and values which play a major part in our business and day-to-day work life. For you to thrive and grow with IKEA, it is important that you naturally lead with our values in mind such as togetherness, renew and improve, simplicity, different with a meaning and caring for people and planet. You can read more about our values and life at IKEA at ikea.com. 

We expect that you understand the complexities in security and risk mitigations in software development that manifest themselves in complex and distributed systems. You know that things are not black and white. You are curious, open-minded and can work independently towards a common goal. 

What we hope that you bring to the table: 

• You have development experience and can write reliable software in Python or any other programming language. Or Security engineer with clear understanding of Secure Software Development Lifecycle.
• Experience utilizing CI/CD practices to Automate security testing tools like SAST (Static Application Security Testing), SCA (Software Composition Analysis), IaC scanning or Container scanning tools in GitHub, Azure DevOps etc. 
• Experience in cloud native environments and preferably Google Cloud Platform or Azure. 
• Experience in working with REST API’s and API security. 
• You have good infrastructure security experience and are passionate about reducing security risks in the cloud.
• You have experience with threat modeling, security design reviews, and security architecture.
• Experience with CI/CD pipelines (preferably Github actions), Kubernetes and infrastructure-as-code is a plus. 

NOTE: NIST is important