Easy Apply
Easy Apply
The Lead Security Engineer will enhance the security posture at Arcana, focusing on GCP and cloud infrastructure, while automating controls and ensuring compliance with various standards.
As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden infrastructure end-to-end. While your primary focus will be on our GCP resources, you'll also partner with teams across networking, applications, and compliance to ensure we're secure by design and resistant to drift.
Responsibilities:
- Enterprise Security Architecture - Governance and Compliance, including driving adherence to ISO 27001, SOC 2, GDPR, and enforcing CIS benchmarks on all infrastructure.
- Policy, Automation, and Guardrails - own the end-to-end security lifecycle by defining policy-as-code, embedding continuous compliance checks into CI/CD, and building automated, drift-resistant guardrails across cloud, containers, and VMs.
- Infrastructure Hardening and Drift Detection - implement automated drift alerts and self-healing playbooks for VPCs, firewall rules, Kubernetes clusters, and endpoints.
- Monitoring, Logging, and Incident Response - configure Cloud Audit Logs, SIEM exports, and custom alerts for critical security events; lead root-cause investigations, build detection logic, and develop runbooks for cloud-wide incidents.
Requirements:
- 5+ years driving security and compliance in dynamic, regulated environments- securing cloud-native platforms and hybrid infrastructures, with deep familiarity in fintech and portfolio-management standards, and best practices for supporting distributed, remote teams.
- Deep expertise with GCP security (IAM, KMS, VPC Service Controls, Cloud Logging/Audit, WAF, SecOps) and Kubernetes application hardening.
- Strong Infrastructure-as-Code skills (Terraform or equivalent) and GitOps experience (ArgoCD, Flux).
- Proficiency in Python scripting and policy-as-code frameworks (OPA, Gatekeeper).
- Excellent communicator - able to translate technical findings into clear policies and remediation plans.
Helpful Experience:
- Familiarity with multi-cloud security controls.
- Security certifications (GCP Professional Security Engineer, CISSP, CKA/CKS).
- Experience with service mesh (Istio/Anthos) or zero-trust architectures.
Top Skills
Argocd
Cloud Audit
Cloud Logging
Flux
Gatekeeper
GCP
Iam
Kms
Kubernetes
Opa
Python
Secops
Terraform
Vpc Service Controls
Waf
Similar Jobs
Fintech • Financial Services
Lead incident response activities and conduct technical investigations of security incidents. Provide security consulting and design complex security solutions. Analyze digital evidence and develop incident response strategies.
Top Skills:
AutopsyCellebrite)Cloud SecurityCryptographyDigital ForensicsEncaseForensic Tools (FtkIncident ResponseInformation SecurityNetwork SecurityRisk ManagementSecurity ConsultingVolatilityX-Ways
Fintech • Financial Services
The Lead Information Security Engineer will manage encryption solutions, respond to issues, provide mentorship, and ensure compliance with regulatory standards.
Top Skills:
AnsibleCloud Key ManagersEncryptionHsmIbm SgklmKey ManagementLinuxPythonThales Ciphertrust ManagerTklmYaml
Cloud • Software
The Lead Software Engineer will design and implement network security solutions, collaborate with teams, and improve technology in a client-centric role.
Top Skills:
AWSAzureCC++ElkGCPGoGrafanaIdsIpsecIptablesJavaPythonSplunkVpn
What you need to know about the Bengaluru Tech Scene
Dubbed the "Silicon Valley of India," Bengaluru has emerged as the nation's leading hub for information technology and a go-to destination for startups. Home to tech giants like ISRO, Infosys, Wipro and HAL, the city attracts and cultivates a rich pool of tech talent, supported by numerous educational and research institutions including the Indian Institute of Science, Bangalore Institute of Technology, and the International Institute of Information Technology.
