Specialist Cloud Application Security

About Us
We are a leading global financial technology company transforming how the securities finance industry trades, settles, and analyzes data. Our award-winning Trading, Post-Trade, Data & Analytics, RegTech, and SaaS solutions power efficiency, transparency, and innovation for over 200 of the world's top financial institutions. Every month, our platform supports over $2.4 trillion in executed transactions, a testament to our technology's impact and reliability.

With offices across North America, UK&I, and APAC, we bring together diverse teams of technologists, data experts, and business professionals who thrive on solving complex challenges at scale. We are Great Place to Work Certified in the US, UK, Ireland, and India and have been recognized for Diversity & Inclusion excellence as well as for being the Best Post-Trade Service Provider and Best Market Data Provider Globally (Securities Finance Times Industry Excellence Awards, 2023).

Founded in 2001 by ten of the world's leading financial institutions, we continue to shape the future of securities finance under the majority ownership of Welsh, Carson, Anderson & Stowe (WCAS) alongside founding shareholders and customers including Bank of America, Bank of New York, BlackRock, Goldman Sachs, Morgan Stanley, National Bank of Canada, State Street, UBS and Wells Fargo.

Join us and be part of a company where global impact, innovation, and collaboration define how we work and what we build.

About The Role
We are looking for a Specialist, Cloud Application Security to join us in Bengaluru. Our Security team protects our AWS-first environment, embedding security throughout our development lifecycle and driving automation across our global cloud infrastructure.

You'll work closely with our DevOps, Application Security, and Compliance teams to secure cloud workloads, strengthen architecture governance, and automate compliance within our AWS ecosystem. This role will play a key part in ensuring our platforms meet global security and regulatory standards, contributing directly to our ISO 27001, SOC 2, and DORA certifications.

This is a hands-on position suited to someone who enjoys solving complex cloud security challenges, building scalable detection and response automation, and shaping secure foundations that enable development teams to move confidently and securely.

What You'll Do

• Lead security posture management across AWS environments, identifying misconfigurations and driving remediation through collaboration with DevOps teams.
• Operate and enhance our CSPM and CNAPP tools (such as CrowdStrike Cloud Security or Wiz) to monitor and secure workloads across multiple accounts.
• Strengthen architecture governance by reviewing and hardening AWS configurations, ensuring secure S3 encryption, IAM controls, and key lifecycle management.
• Integrate AWS-native capabilities such as Security Hub, GuardDuty, and Config into automated detection and response workflows.
• Partner with the DevOps and AppSec teams to embed security into Terraform and CloudFormation templates, enforcing policy as code and IaC scanning.
• Work with our DevSecOps function to implement dependency and software composition analysis using tools such as Black Duck, ensuring secure build pipelines and compliant software inventories.
• Support audits and certification processes (ISO 27001, SOC 2, DORA), maintaining evidence and collaborating with external auditors.
• Contribute to continuous improvement by evaluating new security technologies, automating reporting, and helping to refine internal security standards.
• Assist in incident response investigations and triage of cloud-related security alerts, ensuring quick containment and root cause analysis.

What We're Looking For

• 7+ years of commercial experience in cloud security, with strong hands-on expertise in AWS (Azure knowledge beneficial but secondary).
• Proven experience using CSPM/CWPP tools such as CrowdStrike Cloud Security, Wiz, or Prisma Cloud to monitor and secure workloads.
• Strong knowledge of AWS-native security services including Security Hub, GuardDuty, Config, IAM, and KMS.
• Experience embedding security controls in IaC (Terraform, CloudFormation) and CI/CD pipelines.
• Familiarity with DevSecOps practices and software composition analysis tools (e.g., Black Duck).
• Demonstrated ability to collaborate with auditors and maintain compliance with frameworks such as ISO 27001, SOC 2, and DORA.
• Proficiency in scripting languages such as Python, Bash, or PowerShell for automation and reporting.
• Excellent communication and problem-solving skills, with the ability to simplify and communicate technical risk.
• AWS Certified Solutions Architect or relevant AWS security certifications are highly desirable.

Benefits

• Hybrid Working: Enjoy the flexibility of working remotely for up to 50 days each year.
• Variable Pay: Annual performance related variable pay award to reward your performance and contributions to the company's success.
• Generous Vacation Days Per Year: Take advantage of paid vacation days annually, plus public bank holidays.
• Family Health Insurance Coverage: Comprehensive health insurance coverage for you and your dependents available from your first day.
• Personal Accidental Injury Insurance: Feel secure with personal accidental injury insurance provided from the start of your employment.
• Annual Team Building Retreat: Participate in an annual team-building retreat at a new and exciting location each year.

Diversity & Inclusion
At EquiLend, we are committed to fostering an inclusive and diverse workplace where everyone is respected and valued. We believe that a variety of perspectives drives innovation and strengthens our success. If you require any reasonable accommodations during the interview process, please let us know - we're here to support you.