Senior Cybersecurity Engineer

About Plum

Plum is an employee insurance and health benefits platform focused on making health insurance simple, accessible and inclusive for modern organizations. Healthcare in India is seeing a phenomenal shift with inflation in healthcare costs 3x that of general inflation. A majority of Indians are unable to afford health insurance on their own; and so as many as 600mn Indians will likely have to depend on employer-sponsored insurance.

Plum is on a mission to provide the highest quality insurance and healthcare to 10 million lives by FY2030, through companies that care. Plum is backed by Tiger Global and Peak XV Partners.

Position Overvie

wWe are seeking an experienced Senior Cybersecurity Engineer with 4+ years of expertise to lead our security initiatives and protect our healthcare platform. This role is critical in ensuring the security, privacy, and compliance of our systems that handle sensitive healthcare data for millions of users while enabling rapid business growth

**.

Key Responsibiliti**

esCore Security Experti

• seDemonstrate deep understanding of security domain principles and concepts across multiple disciplin
• esLead expertise across critical security domains includin
• g:Advanced Incident Response and forensi
• csRed Team operatio
  ns and adversarial simulati
• onSophisticated Malware Analysis and reverse engineeri
• ngAttack metrics development and threat modeli
• ngComprehensive Vulnerability Assessment & Penetration Testi
• ngProactive Threat Hunting & Root Cause Analys
• isMalicious Code analysis and deciphering techniqu
• esAdvanced SIEM Analysis, XDR integration, and SOAR orchestrati
• onExecute complex incident triage based on advanced security parameters and established methodologi
• esLeverage strong scripting expertise (Python, C#, JSON, shell scripting) for security automation and tool developme
• ntDesign and architect secure systems, networks, and application infrastructures for healthcare environmen
• tsMaintain hands-on expertise with enterprise security tools includin
  g Symantec Endpoint Protection & Encryption, Tenable Nessus, Kali Linux, and Burp Sui

**te

Cloud Security Architecture & Engineer**

• ingDesign and implement enterprise-grade secure cloud architectures aligned with industry frameworks (CIS, NIST, ISO 270
• 01)Define, maintain, and enforce security patterns for Infrastructure as Code implementations using Terraform and H
• elmArchitect comprehensive security for AWS and GCP services, Kubernetes clusters (EKS/GKE), serverless functions, and containerized worklo
• adsLead the implementation of zero-trust security models and micro-segmentation strateg
• iesDesign secure multi-cloud and hybrid cloud architectures for healthcare data process

**ing

Security Operations & Monito**

• ringImplement and optimize native cloud security tools including AWS Security Hub, GCP Security Command Center, and integrated third-party platf
• ormsDeploy and manage advanced security platforms including CrowdStrike, Snyk, Wiz, Prisma Cloud, and Sentine
• lOneConfigure and maintain Cloud Security Posture Manage
• mentIntegrate comprehensive security posture monitoring with observability tools like DataDog and enterprise SIEM platf
• ormsConduct regular security audits, automated vulnerability assessments, and compliance verification ch
• ecksDevelop custom security metrics and KPIs for executive repor

**ting

Incident Response & Threat Dete**

• ctionLead investigation and response activities for complex cloud-based security incidents and data bre
• achesDevelop, maintain, and continuously improve incident response playbooks and forensics proce
• duresLeverage threat intelligence feeds and frameworks to enhance detection capabilities and threat hunting activ
• itiesCoordinate with external security vendors and law enforcement during major inci
• dentsConduct post-incident reviews and implement preventive mea

**sures

Governance, Risk & Comp**

• lianceSupport and lead regulatory audits, comprehensive risk assessments, and compliance initiatives (ISO27001, GDPR,
• SOC2)Define, implement, and enforce enterprise cloud security standards, policies, and proc
• eduresProvide subject matter expertise in secure access management, data protection strategies, and encryption key mana
• gementManage vendor security assessments and third-party risk evalu
• ationsDevelop and maintain security awareness training programs for technical and non-technical

**staff

Required Qualifi**

cationsExperience & Ed

• ucation4+ years of hands-on experience in cybersecurity roles with a proven track record of securing production environments a
• t scaleBachelor's or Master's degree in Computer Science, Cybersecurity, Information Security, or related technica
• l fieldExperience in healthcare, fintech, or other highly regulated industries is strongly pr

**eferred

Core Technical E**

• xpertiseCloud Security P
  latforms: Expert-level proficiency in cloud security archit
• ect
  ures:AWS: Deep knowledge of AWS security services, Security Hub, GuardDuty, CloudTrail, Config, IAM, KMS, and VPC
• sec
  urityGCP: Comprehensive understanding of Security Command Center, Cloud Security Scanner, Identity and Access Management, and VPC security
• controlsSecurity Tools & P
  latforms: Hands-on experience with enterprise security solutions in
• cluding:Endpoint protection: Symantec Endpoint Protection & En
• cryptionVulnerability management: Tenable Nessus, penetration testing fr
• ameworksSecurity testing: Kali Linux, Burp Suite, OWASP metho
• dologiesCloud security: CrowdStrike, Snyk, Wiz, Prisma Cloud, Sen
• tinelOneContainer & Kubernetes
  Security: Advanced proficiency in securing containerized environments including RBAC, network policies, admission controllers, and Pod Security S
• tandardsProgramming & S
  cripting: Strong development skills in Python, Bash, Go, and Infrastructure as Code tools (Terraform, CloudFo
• rmation)Authentication & Autho
  rization: In-depth understanding of modern identity protocols including OAuth2, OpenID Connect (OIDC), SAML, and zero-trust archi

**tectures

Security Specia**

• lizationsIncident
  Response: Proven experience leading complex security incident investigations and coordinating response a
• ctivitiesThreat Int
  elligence: Experience with threat hunting, malware analysis, and leveraging threat intelligence
• platformsDevSecOps In
  tegration: Hands-on experience integrating security tools into CI/CD pipelines and implementing security-as-code
• practicesSecurity Arc
  hitecture: Experience designing secure system architectures and implementing defense-in-depth s

**trategies

Professional Cert**

• ificationsRequired Cert
  ifications (minimum 2 of the f
• ollowing):AWS Certified Security -
• SpecialtyGoogle Professional Cloud Securit
• y EngineerCertified Information Systems Security Profession
• al (CISSP)Certified Kubernetes Security Specia
• list (CKS)Certified Information Security Mana
• ger (CISM)CompTIA
• Security+Certified Ethical Ha

**cker (CEH)

Leadership & Communica**

• tion SkillsProven ability to lead security initiatives and mentor junior security pr
• ofessionalsExperience with crisis management and executive-level securit
• y reportingStrong written and verbal communication skills for technical and non-technica
• l audiencesAbility to work independently while collaborating effectively across cross-funct
• ional teamsExperience with security awareness training and building secur

ity culture