Information Security Engineer (Application Security)

Actively Reviewing the Applications

RBM Software

India, Telangana, Hyderabad Full-Time On-site

Posted 2 weeks ago • Apply by June 15, 2026

Job Description

As an Information Security Engineer, you will play a critical role in driving secure application development and vulnerability remediation across our AWS and Azure cloud environments. You'll collaborate with cross-functional teams to embed security into systems, tools, and workflows, ensuring the security and integrity of our digital assets.

This role is ideal for someone who thrives in a cloud-native, developer-focused environment and is passionate about building scalable security practices—not just identifying issues, but helping resolve them through engineering and automation.

Job Description:

• Conduct vulnerability scans and risk assessments in public cloud environments (AWS, Azure) to identify and remediate security risks

• Support the integration and ongoing use of SAST, DAST, and SCA tools within CI/CD pipelines and developer workflows

• Collaborate with development teams to improve secure application development practices and provide guidance on vulnerability remediation

• Contribute to application and infrastructure threat modeling to proactively identify potential risks

• Evaluate and advise on the security of AI-enhanced applications and large language models (LLMs)

• Apply Kubernetes and container security best practices to help ensure secure deployment of services

• Define and maintain application security governance, policies, and technical standards

• Work with external penetration testers to coordinate testing efforts and ensure timely triage and resolution of findings (note: this is not a primary pen testing role)

• Maintain and enhance security logging and monitoring strategies in collaboration with cloud ops and SIEM teams

• Provide training and knowledge-sharing to development teams on application security tools and best practices

• Stay up to date on current security trends, threats, and regulatory changes to continuously improve security posture

• Partner with IT, legal, compliance, and other teams to ensure a holistic and aligned approach to security

WHAT YOU’LL NEED:

• Bachelor's degree in computer science, Information Security, or a related field or related work experience

• CISSP certification (or equivalent security certification) required; CSSLP is a plus

• 7 years of Information Security experience with at least 5 years in IT roles .

• Strong understanding of security architecture design, particularly in Kubernetes, and familiarity with industry-standard security frameworks and best practices

• Proven experience of conducting penetration tests, vulnerability assessments, risk assessments, and threat modelling.

• Knowledge of regulatory standards such as GDPR, PCI_DSS 4.0, and ISO-27001

• Solid understanding of the Software Development Life Cycle (SDLC) and its integration with secure development practices.

• Strong communication skills in English and the ability to work collaboratively in a team environment.