▷ [High Salary] Cybersecurity Engineer

About Plum Plum is an employee insurance and health benefits platform focused on making health insurance simple accessible and inclusive for modern organizations Healthcare in India is seeing a phenomenal shift with inflation in healthcare costs 3x that of general inflation A majority of Indians are unable to afford health insurance on their own and so as many as 600mn Indians will likely have to depend on employer-sponsored insurance Plum is on a mission to provide the highest quality insurance and healthcare to 10 million lives by FY2030 through companies that care Plum is backed by Tiger Global and Peak XV Partners Position Overview We are seeking an experienced Senior Cybersecurity Engineer with 4 years of expertise to lead our security initiatives and protect our healthcare platform This role is critical in ensuring the security privacy and compliance of our systems that handle sensitive healthcare data for millions of users while enabling rapid business growth Key Responsibilities Core Security Expertise Demonstrate deep understanding of security domain principles and concepts across multiple disciplines Lead expertise across critical security domains including Advanced Incident Response and forensics Red Team operations and adversarial simulation Sophisticated Malware Analysis and reverse engineering Attack metrics development and threat modeling Comprehensive Vulnerability Assessment Penetration Testing Proactive Threat Hunting Root Cause Analysis Malicious Code analysis and deciphering techniques Advanced SIEM Analysis XDR integration and SOAR orchestration Execute complex incident triage based on advanced security parameters and established methodologies Leverage strong scripting expertise Python C JSON shell scripting for security automation and tool development Design and architect secure systems networks and application infrastructures for healthcare environments Maintain hands-on expertise with enterprise security tools including Symantec Endpoint Protection Encryption Tenable Nessus Kali Linux and Burp Suite Cloud Security Architecture Engineering Design and implement enterprise-grade secure cloud architectures aligned with industry frameworks CIS NIST ISO 27001 Define maintain and enforce security patterns for Infrastructure as Code implementations using Terraform and Helm Architect comprehensive security for AWS and GCP services Kubernetes clusters EKS GKE serverless functions and containerized workloads Lead the implementation of zero-trust security models and micro-segmentation strategies Design secure multi-cloud and hybrid cloud architectures for healthcare data processing Security Operations Monitoring Implement and optimize native cloud security tools including AWS Security Hub GCP Security Command Center and integrated third-party platforms Deploy and manage advanced security platforms including CrowdStrike Snyk Wiz Prisma Cloud and SentinelOne Configure and maintain Cloud Security Posture Management Integrate comprehensive security posture monitoring with observability tools like DataDog and enterprise SIEM platforms Conduct regular security audits automated vulnerability assessments and compliance verification checks Develop custom security metrics and KPIs for executive reporting Incident Response Threat Detection Lead investigation and response activities for complex cloud-based security incidents and data breaches Develop maintain and continuously improve incident response playbooks and forensics procedures Leverage threat intelligence feeds and frameworks to enhance detection capabilities and threat hunting activities Coordinate with external security vendors and law enforcement during major incidents Conduct post-incident reviews and implement preventive measures Governance Risk Compliance Support and lead regulatory audits comprehensive risk assessments and compliance initiatives ISO27001 GDPR SOC2 Define implement and enforce enterprise cloud security standards policies and procedures Provide subject matter expertise in secure access management data protection strategies and encryption key management Manage vendor security assessments and third-party risk evaluations Develop and maintain security awareness training programs for technical and non-technical staff Required Qualifications Experience Education 4 years of hands-on experience in cybersecurity roles with a proven track record of securing production environments at scale Bachelor s or Master s degree in Computer Science Cybersecurity Information Security or related technical field Experience in healthcare fintech or other highly regulated industries is strongly preferred Core Technical Expertise Cloud Security Platforms Expert-level proficiency in cloud security architectures AWS Deep knowledge of AWS security services Security Hub GuardDuty CloudTrail Config IAM KMS and VPC security GCP Comprehensive understanding of Security Command Center Cloud Security Scanner Identity and Access Management and VPC security controls Security Tools Platforms Hands-on experience with enterprise security solutions including Endpoint protection Symantec Endpoint Protection Encryption Vulnerability management Tenable Nessus penetration testing frameworks Security testing Kali Linux Burp Suite OWASP methodologies Cloud security CrowdStrike Snyk Wiz Prisma Cloud SentinelOne Container Kubernetes Security Advanced proficiency in securing containerized environments including RBAC network policies admission controllers and Pod Security Standards Programming Scripting Strong development skills in Python Bash Go and Infrastructure as Code tools Terraform CloudFormation Authentication Authorization In-depth understanding of modern identity protocols including OAuth2 OpenID Connect OIDC SAML and zero-trust architectures Security Specializations Incident Response Proven experience leading complex security incident investigations and coordinating response activities Threat Intelligence Experience with threat hunting malware analysis and leveraging threat intelligence platforms DevSecOps Integration Hands-on experience integrating security tools into CI CD pipelines and implementing security-as-code practices Security Architecture Experience designing secure system architectures and implementing defense-in-depth strategies Professional Certifications Required Certifications minimum 2 of the following AWS Certified Security - Specialty Google Professional Cloud Security Engineer Certified Information Systems Security Professional CISSP Certified Kubernetes Security Specialist CKS Certified Information Security Manager CISM CompTIA Security Certified Ethical Hacker CEH Leadership Communication Skills Proven ability to lead security initiatives and mentor junior security professionals Experience with crisis management and executive-level security reporting Strong written and verbal communication skills for technical and non-technical audiences Ability to work independently while collaborating effectively across cross-functional teams Experience with security awareness training and building security culture