Security Engineer

Job Description:

• Elicit, analyze, and document business requirements from various stakeholders, ensuring a clear understanding of their needs and objectives for FX and Money Market Business in Calypso.
• Work with the Product Owner (PO) if any on this project to prioritize requirements and decompose them into detailed user stories, ensuring a clear roadmap for development.
• Translate requirements into comprehensive functional specifications, including detailed descriptions of user interactions, data flows, and system behavior.
• Collaborate with development teams to ensure that the software design aligns with the functional specifications and meets the defined requirements.
• Provide functional expertise to the development team, ensuring they have a clear understanding of the business processes and user needs.
• Research existing solutions, both internal and external, to determine if they can be leveraged to meet the business requirements.
• Understand technical constraints and participate in software design discussions, ensuring that the solution is feasible and aligns with the overall system architecture.
• Ensure the functional quality of the software, including participation in functional testing and providing functional support during production.
• Analyze the impact of functional changes on current production Service Level Agreements (SLAs) and Operational Level Agreements (OLAs).
• Contribute to Behavior-Driven Development (BDD) activities by providing user scenarios and supporting functional testing efforts.
• Contribute to deployment activities by providing functional pre-requisites and performing post-deployment checks.
• Support team members in their functional activities, train new joiners, and help resolve functional issues.
• Ensure the seamless integration of the software into the existing IT infrastructure, working closely with the Functional Architect.
• Specifications, workload estimates, planning, test scenarios, documentation.

Requirements:

Top 3 MUST have skills:

• Strong hands-on experience with cloud platforms such as AWS, Azure, or GCP, including secure setup, configuration, and administration of compute, storage, and networking resources.
• Proficient in implementing security controls and automation using Infrastructure as Code (IaC) tools such as Terraform, ensuring compliance and secure deployments.
• Solid understanding of cloud security principles, identity and access management (IAM), encryption, network security (VPC, subnets, VPN), and monitoring tools (e.g., AWS GuardDuty, Security Hub, Inspector) to protect workloads and data.

Qualification:

• Experience with container security and orchestration platforms (e.g., Kubernetes security hardening).
• Knowledge of DevSecOps practices and integrating security into CI/CD pipelines.
• Familiarity with compliance frameworks and cloud security benchmarks (CIS).
• Ability to implement cloud-native threat detection and response solutions.
• Exposure to vulnerability management and remediation in cloud environments.

Basic scripting skills in Python, Bash, or PowerShell for security automation.

Strong troubleshooting skills and ability to work in cross-functional teams.

Experience with disaster recovery and secure backup strategies.