Perform security assessments, manage security tools, and implement DevSecOps practices for cloud infrastructures. Collaborate with developers on secure coding and conduct thorough security reviews. Maintain incident response plans and monitor security incidents and metrics.
About Plum
Plum is an employee insurance and health benefits platform focused on making health insurance simple, accessible and inclusive for modern organizations.
Healthcare in India is seeing a phenomenal shift with inflation in healthcare costs 3x that of general inflation. A majority of Indians are unable to afford health insurance on their own; and so as many as 600mn Indians will likely have to depend on employer-sponsored insurance.
Plum is on a mission to provide the highest quality insurance and healthcare to 10 million lives by FY2030, through companies that care. Plum is backed by Tiger Global and Peak XV Partners.
Roles and Responsibilities:
- Proven expertise in using Terraform and other infrastructure as code tools, managing vulnerabilities, policies and implementing best practices.
- Implement and manage security tools within the CI/CD pipeline, focusing on DevOps practices.
- Monitor and analyse logs, events, and metrics to identify security incidents, potential breaches, and emerging threats.
- Understand runtime security, image scanning, network security, access control, host OS hardening, and vulnerability management in the container lifecycle.
- Develop and maintain incident response plans, procedures, and playbooks for effective handling of security incidents and breaches.
- Design, implement, and maintain security measures for our cloud infrastructure, including VPCs, security groups, IAM roles, and access controls.
- Maintaining security hardening configurations and guidance for the diverse set of service available across AWS, GPC and other public cloud providers.
Experience and Qualifications:
- 2+ years of Security Engineering experience preferably in AWS or GCP Cloud.
- Knowledge in Kubernetes is a must. CKA (Certified Kubernetes Administrator) preferred.
- Bachelor's degree in Computer Science, Information Security, or a related field. Equivalent work experience may be considered.
- Experience with Wiz, Prisma Cloud, Jira, Confluence & Terraform / CloudFormation (Infrastructure as a code)Familiarity with CI/CD tools such as GitHub Actions, Jenkins or CircleCI.
- Good understanding of cloud security architecture, security assessments, audit standards for the Cloud, security threats in the cloud.
- Solid understanding of network protocols, TCP/IP, and network security concepts
Top Skills
AWS
GCP
Terraform
Similar Jobs
The Full Stack Engineer will be responsible for designing and developing software solutions, implementing CI/CD pipelines, and ensuring the reliability and security of platform services. The role also involves DevOps activities, automation tool development, and integration with multiple cloud services.
Be an Early Applicant
The Software Engineer - I - DevOps role involves performing security assessments, managing vulnerabilities, and implementing security tools within CI/CD pipelines. Responsibilities include conducting security reviews, monitoring security incidents, maintaining cloud infrastructure security, and developing incident response plans.
Be an Early Applicant
The Lead Engineer will design and develop automated AWS environments, support system operations, optimize performance, and manage security protocols. Responsibilities include contributing to system documentation, troubleshooting outages, maintaining high availability, and executing application support for product customers.
What you need to know about the Bengaluru Tech Scene
Dubbed the "Silicon Valley of India," Bengaluru has emerged as the nation's leading hub for information technology and a go-to destination for startups. Home to tech giants like ISRO, Infosys, Wipro and HAL, the city attracts and cultivates a rich pool of tech talent, supported by numerous educational and research institutions including the Indian Institute of Science, Bangalore Institute of Technology, and the International Institute of Information Technology.
