Enterprise Security Engineer

Enterprise Security Engineer (P3)

Location: Bangalore, India

Who We Are:

Aviatrix is the cloud network security company trusted by more than 500 of the world's leading enterprises. As cloud infrastructures become more complex and costly, the Aviatrix Cloud Network Security platform gives companies back the power, control, security, and simplicity they need to modernize their cloud strategies. Aviatrix is the only secure networking solution built specifically for the cloud, that ensures companies are ready for AI and what's next. Combined with the Aviatrix Certified Engineer (ACE) Program, the industry's leading secure multicloud networking certification, Aviatrix unifies cloud, networking, and security teams and unlocks greater potential across any cloud.

About the Role:

This mid-to-senior-level role is critical for enhancing the security posture of our enterprise systems and ensuring a robust defense against evolving threats. As a key team member, you will drive security initiatives, collaborate with our Detection and Response team, and address complex challenges in a fast-paced, innovative environment. This position requires a self-starter with a strong foundation in enterprise and cloud security, coupled with a track record of learning and adapting to emerging security trends.

Responsibilities:

• Cloud & Infrastructure Security: Architect, deploy, and maintain security measures across Aviatrix's multi-cloud environments (AWS, Azure, GCP), including infrastructure hardening, configuration reviews, and continuous monitoring.
• Application & AI Security Review: Conduct security assessments of business-critical applications and AI/ML deployments—perform threat modeling, secure code reviews, dependency scanning, and penetration tests to identify and remediate vulnerabilities.
• Platform & Tool Management: Design, configure, and manage core security platforms (SSO, IAM, MDM, SIEM, EDR/NDR, email security) to enforce policies consistently across both applications and infrastructure.
• Network Defense & Threat Detection: Evaluate, integrate, and optimize network security technologies (firewalls, IDS/IPS, VPNs) to strengthen protections against ransomware, DDoS, insider threats, and data leakage.
• Incident Response & SOC Partnership: Collaborate with the SOC to triage, investigate, and remediate incidents affecting applications or infrastructure, driving rapid response and post-incident learning.
• Security Automation & Enablement: Develop automation workflows using Python and AWS Lambda to support security operations, incident response, and compliance tasks.
• Phishing Defense & User Education: Design and execute phishing simulation campaigns, analyze results, and lead user education initiatives to improve security awareness across the organization.

Requirements:

• Demonstrated experience conducting in-depth cloud infrastructure security reviews—assessing configurations, network architectures, and control implementations to identify and remediate risks.
• Hands-on experience architecting and securing cloud applications deployed in AWS, with familiarity in other CSPs such as Azure and OCI, and knowledge of each platform's native security services and best practices.
• Strong background in application and AI security: threat modeling, secure code reviews, dependency scanning, and penetration testing of business-critical applications.
• Solid understanding of network defense and threat detection technologies (firewalls, IDS/IPS, VPNs) and proven track record mitigating ransomware, DDoS, insider threats, and data loss.
• Experience with infrastructure-as-code (Terraform, CloudFormation) and CI/CD pipelines to drive automated, secure deployments.
• Proficiency in Python and experience building security automation using AWS Lambda.
• Experience designing and managing phishing simulations and leading user security awareness programs.
• Experience partnering with SOC teams on incident response, investigation workflows, and post-incident lessons learned.
• Excellent communicator and mentor, capable of sharing best practices, coaching junior engineers, and driving cross-functional security awareness.
• Relevant certifications are highly desirable, such as CISSP, CISM, CCSP, AWS Certified Security – Specialty, Azure Security Engineer Associate, or equivalent.