Senior Engineer – Infra, Compliance & Security at Devsinc…

We’re looking for a Senior Engineer with strong security experience (Data Privacy Compliance) with strong experience in Python, Terraform, and AWS.You’ll play a key role in designing and maintaining secure and compliant infrastructure, automating compliance controls, and ensuring our systems meet global data privacy and security standards such as SOC 2, GDPR, and ISO 27001 etc.While your core focus will be on infrastructure security, compliance automation, and AWS, you may be required to develop other technology based modules such as Python, Ruby on Rails, internal documentation, or broader DevSecOps initiatives.Responsibilities:Architect security and data privacy solutions, setup infrastructure, develop common capabilities, document uptake recipes and enable other developers uptakeObserve and monitor IT security and improve security operations on on-going basis in collaboration with the rest of the security and IT operations teamImplement security guardrails and baselines using Terraform and AWS native controls (Config, IAM, KMS, CloudTrail, Security Hub)Develop and maintain Python-based automation for compliance validation, audit data collection, and remediation workflowsContribute to secure CI/CD, BAU practices and integrate policy-as-codeMap and operationalize controls for GDPR, SOC 2, ISO 27001, PCI DSS, etcApply privacy-by-design principles for data storage, access control, and retentionwork with third parties, standards and compliance bodies to achieve industry certifications and maintain/improve the companies certification and compliance levelsOccasionally support Python and Rails applications by advising on secure configurations and dependenciesHelp maintain documentation of security architecture, risk assessments, and compliance proceduresPartner with DevOps and Engineering teams to embed security and compliance early in designRequirementsProficient in Python for automation, scripting, and AWS SDK (boto3) integrationsStrong experience with Terraform and infrastructure-as-code best practicesDeep understanding of general cloud security and AWS security services (IAM, KMS,CloudTrail, Config, Security Hub, GuardDuty)Solid understanding of network security, identity management, and data protectionExperience in regulated or audit-driven environments (finance, SaaS etc.)Experience implementing security monitoring, incident response automation, orAwareness of data privacy and compliance frameworks (GDPR, SOC 2, ISO 27001)Interest in compliance-as-code, privacy-by-design, or DevSecOps pipelinesStrong communication, team mentoring, process management, documentation andPrior experience working in compliance-sensitive or regulated environments (finance, SaaS, healthcare)Exposure to Zero Trust architecture concepts and identity-based access designKnowledge of policy-as-code or security automation (OPA, Checkov, tfsec, Sentinel)Familiarity with Web apps, including Rails application security (headers, CSRF, secrets management)BenefitsProvident Fund, Medical Inpatient Facility, Medical Outpatient Facility, Paid Overtime, In-house Subsidized Lunch Dinner, Gym Facility, Entertaining Activities, Interest Free Loan Facility, Advance Salaries and Sports Allowance.