Security & Compliance Engineer – Cloud & AI

Job Title: Security & Compliance Engineer – Cloud & AI

Location: Bangalore / Pune / Gurugram / Remote
Experience: 5 – 7 years

Position Summary:

We are looking for an experienced Security & Compliance Engineer to define and enforce identity, data protection, encryption, and perimeter controls across our cloud and AI environments. This role ensures compliance readiness, audit preparedness, and secure deployment of modern AI workloads in Google Cloud Platform (GCP).

Key Responsibilities:

• Define and enforce identity, access, and data handling policies across cloud environments.
• Implement IdP/SSO integrations, define region/model usage approvals, and manage logging and retention standards.
• Deploy and manage CMEK, Secret Manager, and VPC Service Controls for secure cloud operations.
• Validate HIL approvals, quotas, and DLP scans to ensure data compliance and protection.
• Conduct compliance attestations and lead audit evidence collection processes.
• Collaborate with AI teams to align AI platform usage (Google Gemini, Vertex AI, OpenAI APIs, Model Armor, etc.) with organizational security and compliance standards.

Required Qualifications:

• 5–7 years of experience in cloud security, compliance, and audit frameworks.
• Strong knowledge of IAM, encryption, data protection, and network perimeters.
• Experience implementing and managing VPC Service Controls, Secret Manager, CMEK, and IAP.
• Familiarity with modern AI/ML platforms, including:
• Google Gemini
• Vertex AI Agent Builder (ADK)
• OpenAI APIs
• Model Armor
• Proven experience with compliance frameworks (e.g., ISO 27001, SOC 2, GDPR, HIPAA).

Preferred Qualifications:

• Certifications such as CISSP, CCSP, CISM, or equivalent.
• Experience with AI safety, governance, and responsible AI frameworks.
• Proficiency with Cloud Logging, Cloud Monitoring, and BigQuery (GBQ).
• Knowledge of Terraform/IaC for security configuration automation.

Key GCP Services & Tools (Role Focus):

• Secret Manager – Best practices for secret rotation and access control.
• Cloud KMS (CMEK & Autokey) – Customer-managed encryption keys.
• VPC Service Controls (VPC SC) – Perimeter enforcement and isolation.
• Identity-Aware Proxy (IAP) – Controlled access to cloud applications.
• Cloud Armor – WAF, DDoS protection, and rate limiting.
• Cloud Logging & Monitoring – Visibility and auditing for compliance.

KPIs / Success Measures:

• Zero high/critical security findings at go-live.
• Reduction in perimeter violations and misconfigurations.
• Successful completion of internal/external audits with full evidence compliance.
• Consistent adherence to data protection and encryption standards.

Job Types: Full-time, Permanent

Pay: ₹700,000.00 - ₹1,200,000.00 per year

Benefits:

• Health insurance
• Provident Fund

Application Question(s):

• Relevant experience working as " Security & Compliance Engineer " ?
• Notice Period ?
• Current CTC?
• Expected CTC?

Experience:

• Cloud security: 1 year (Required)
• Compliance management: 1 year (Required)
• Audit frameworks.: 1 year (Required)

Work Location: Remote