SDE-III - Information Security

Job Description: SDE-III - Information Security (Amber) Role: SDE-III - Information Security Department: Engineering / Information Security Location: Pune Employment Type: Full-time About Amber Amber is a global student accommodation platform helping students find and book verified housing across 250+ cities. With over 1 million beds listed and millions of users worldwide, we are building a secure, resilient, and scalable ecosystem that supports students, partners, and universities across the globe. As we continue to expand internationally, safeguarding our platform and customer data is critical. We are looking for an experienced SDE-III - Information Security professional to strengthen our global security posture and ensure trust, privacy, and protection across all regions we operate in. Role Overview As an SDE-III - Information Security, you will be responsible for designing, implementing, and scaling security solutions that protect Amber's global applications, infrastructure, and customer data. You will work across engineering, product, data, and cloud teams to embed security standards throughout the development lifecycle and ensure compliance with international security and privacy requirements. This is a senior-level, high-impact role with significant ownership, autonomy, and influence on technical decision-making. Key Responsibilities Security Architecture & Engineering - Design, implement, and scale security architecture for a global customer base across multiple regions. - Develop security frameworks and best practices aligned with global standards (OWASP, NIST, CIS). - Conduct security design reviews, threat modeling, and risk assessments for new and existing systems. Application & Product Security - Secure Amber's web, API, mobile, and platform products used by customers worldwide. - Integrate SAST, DAST, SCA, and container scanning tools into global CI/CD pipelines. - Perform code reviews and provide guidance to engineering teams on secure coding principles. Cloud & Infrastructure Security - Strengthen cloud security posture across AWS multi-region deployments. - Implement IAM governance, secrets management, network isolation, and workload protections. - Automate detection and remediation of cloud misconfigurations across global environments. Security Operations & Automation - Lead incident response for global systems and coordinate cross-functional communication. - Build automation for log ingestion, anomaly detection, and response workflows. - Improve observability and response capabilities using SIEM/SOAR tools. Governance, Compliance & Global Standards - Support Amber's global compliance programs including SOC2, ISO 27001, GDPR, PCI-DSS, and region-specific privacy regulations. - Conduct vendor and partner security evaluations across international markets. - Build and maintain security documentation, policies, and global processes. Qualifications & Skills Must-Have - 6-10 years of experience in Information Security, Application Security, or Cloud Security roles. - Expertise in securing large-scale, customer-facing platforms or SaaS products. - Strong experience with AWS security services across multi-region architectures. - Proficiency in one or more languages: Python, Go, Java, or Node.js. - Hands-on experience with CI/CD security tools (SAST, SCA, DAST, container scanning). - Deep understanding of OWASP Top 10, secure SDLC, threat modeling, and vulnerability management. - Experience working with global teams and supporting systems with international user bases. Good-to-Have - Experience with Kubernetes security, container runtime protections, and eBPF tools. - Experience building custom security automation or internal security tools. - Familiarity with SIEM/SOAR, EDR, IDS/IPS, and advanced threat detection systems. - Security certifications: OSCP, OSWE, GIAC, CISSP, CSSLP, CISM. What We Offer - Competitive global compensation package. - Opportunity to safeguard a high-scale global platform impacting millions of users. - Ownership, influence, and room to innovate within a fast-scaling environment. - Inclusive and collaborative culture focused on learning and excellence.