Staff Information Security Engineer

Druva, the autonomous data security company, puts data security on autopilot with a 100% SaaS, fully managed platform to secure and recover data from all threats. The Druva Data Security Cloud ensures the availability, confidentiality, and fidelity of data - providing customers with autonomous protection, rapid incident response, and guaranteed data recovery. The company is trusted by its more than 6,000 customers, including 65 of the Fortune 500, to defend business data in today’s ever-connected world. Amidst a rapidly evolving security landscape, Druva offers a $10 million Data Resiliency Guarantee ensuring customer data is protected and secured against every cyber threat.

About the Role:

As a Staff Information Security Engineer, you'll play a pivotal role securing both our cloud-based systems and on-premises infrastructure. You'll leverage your deep expertise in AWS, Azure, and infrastructure security concepts (networks, systems, applications, Identity) to orchestrate and implement robust security solutions across their entire lifecycle. Your duties involve leading projects to fortify Druva's Cloud and IT infrastructure, continuously monitoring and analyzing cloud security posture for threats, vulnerabilities, and risky configurations, and embedding security best practices into operations and IT workflows. You'll also collaborate across teams to engineer secure configurations, recommend security improvements and stringent controls, safeguarding Druva's valuable data and assets.

• Conduct vulnerability assessments & triage across AWS/Azure cloud workloads, containers, and serverless environments.
• Drive remediation with CloudOps and engineering teams.
• Utilize CSPM/CNAPP tools to monitor cloud configurations & mitigate security alerts (network, identity, workload, data).
• Collaborate with cyber defence, DevOps (IaC security scanning), and compliance teams to enhance detection, automation, and adherence.
• Advise on secure configurations for AWS services (SGs, NACLs, WAF, VPC, CloudTrail, S3, RDS, ELB, GuardDuty).
• Develop & maintain cloud & IT security baselines, standards, & protocols for Druva infrastructure.
• Craft granular IAM roles & scrutinize access requests to enforce PoLP.
• Maintain security compliance across production, development, & corporate systems (public cloud & on-prem).
• Review cloud & local infrastructure designs, define security requirements, & recommend secure architectures, controls, & network configurations.
• Assume additional duties as needed to uphold and enhance organizational security.

Desired Skills and Qualifications:

• 6+ years' experience in cloud and systems security for medium-large enterprises.
• BE/BTech or equivalent preferred.
• Ability to threat model hybrid (cloud + on-prem) infrastructures from an attackers perspective, to guide prioritization and focus.
• Solid and up to date understanding of cloud attacker tools, techniques and procedures.
• Familiarity with SaaS application architectures. Expertise in a major public cloud platform (AWS/Azure preferred).
• Deep understanding of security principles, defense-in-depth, networking protocols (DNS, VPN, etc.) and OS (Windows, Mac, Linux/Unix, VDI).
• Proven use of vulnerability scanning tools (Tenable, Qualys, etc.) and security frameworks (CVE, CVSS, CWE, NIST, CIS).
• Implementation experience in IDS/IPS/Email Security/EDR/WAF/DLP/PAM/ATP security solutions.
• Excellent analytical & problem-solving skills. Automation & Scripting (Bash, PowerShell, Python) a plus.
• Security certifications (AWS Security Specialty, Azure Security Engineer Associate, CCSP) preferred.