Apply on Kit Job: kitjob.in/job/47mf0r

About WebEngage:

WebEngage is an enterprise-grade customer engagement and retention platform that helps global brands across industries such as e-commerce, fintech, travel, edtech, gaming, media, and consumer apps. and turn data into measurable revenue impact.

Trusted by 800+ brands globally, we have strong presence in India, UAE, KSA, SEA, Europe and beyond.

WebEngage powers intelligent, real-time engagement across the entire customer lifecycle.

- We are built for scale.

- We are built for complexity.

- We are built for outcomes.

At our core, WebEngage is a full-stack retention operating system that combines:

- A powerful Customer Data Platform (CDP)

- Real-time behavioral segmentation and intelligence

- Omnichannel journey orchestration

- AI-driven personalization and recommendations

- Deep analytics, experimentation, and revenue attribution

- WebEngage BLACK: our AI-native layer that brings Agentic capabilities to engagement.

Learn more about us at www.webengage.com

Position Overview

We are seeking a skilled Security and Compliance Engineer to join our team. In this role, you will play a pivotal part in maintaining and enhancing our security posture, ensuring compliance with industry standards, and collaborating across teams to mitigate risks. This position involves hands-on technical work, process optimization, and project management in a agile SaaS environment. The responsibilities listed below are non-exhaustive; you will have access to established onboarding procedures and will grow by assuming broader ownership over time. Key aspects include implementing security tools, reviewing processes, and driving cross-functional initiatives to meet security obligations.

Responsibilities:

- Conduct penetration tests using specialized tools to identify vulnerabilities and collaborate with Development or DevOps teams to plan and implement remediation strategies.

- Coordinate with external Vulnerability Assessment and Penetration Testing (VAPT) vendors for audits, serving as the liaison between the vendor and the engineering team.

- Partner with the DevOps team to perform cloud security audits and develop remediation plans.





- Respond to security questionnaires from customers or vendors and address security-related questions during virtual meetings.

- Lead security-related projects, providing regular progress updates and reports.

- Implement and configure tools to enhance security practices, including static code analysis and automated code audits.

- Manage the security calendar and execute activities such as:

1. Cloud Business Continuity Planning (BCP) and Disaster Recovery (DR) exercises in collaboration with the DevOps team.

2. Cryptographic audits (including encryption at rest and in transit) and key rotation processes with DevOps support.

3. Audits of automated code quality checks within CI/CD pipelines.

4. Reviews of standard operating procedures to ensure adherence and timely execution.

- Oversee the compliance calendar for standards such as ISO 27001, ISO 27701, SOC 2, and future certifications, including:

1. Coordinating with responsible teams to ensure all required activities are completed on schedule.

2. Responding to technical and process-related inquiries during audits alongside other team members.

3. Monitoring and ensuring employee security training and retraining programs are up to date.

4. Tracking and maintaining all security-related metrics.

5. Handling any additional audit-related tasks.

Required Qualifications:

- Strong understanding of SaaS applications and associated security challenges.

- Familiarity with one or more cloud platforms, such as AWS, GCP, or Azure.

- Knowledge of fundamental networking concepts, including OSI layers, TLS protocols, and cryptography.

- Proficiency in at least one scripting language (e.g., Python, Java, Node.js).

- Awareness of common security risks, including OWASP Top 10, CIS Benchmarks, and recent CVE vulnerabilities.

- Excellent verbal and written communication skills for interacting with internal and external stakeholders, as well as project reporting.





- Commitment to continuous learning and staying current with evolving security trends.

Preferred Skills and Knowledge

Experience with security compliance frameworks such as ISO 27001, ISO 27701, SOC 2, HIPAA, or similar; relevant cybersecurity certifications are a plus.

Minimum Qualifications

- Bachelor's degree in Engineering or equivalent in a related field, such as Computer Engineering, Electronics, or Telecommunications.

- 3 to 5 years of relevant experience in security, compliance, or a similar role.

Life at WebEngage:

- We take transparency very seriously. Along with a full view of team goals, get a top-level view across the board with our monthly & quarterly town hall meetings.

- A highly inclusive work culture that promotes a relaxed, creative and productive environment.

- Practice autonomy, open communication, and growth opportunities, while maintaining a perfect work-life balance

Perks & Benefits:

Learning is a way of life. Unlock your full potential with cutting-edge tools and mentorship (MacBook for Engagers!).

Get the best in class medical insurance (with Covid Care facilities), programs for taking care of your mental health, and a Contemporary Leave Policy (beyond sick leaves)

Explore more here:

• https://youtu.be/Y0HjfyMjUpg

• https://www.linkedin.com/company/webengage

• https://twitter.com/WebEngage?s=09

Do you think you fit the bill? Come along, letʼs redefine the future of Marketing Automation!

WebEngage aims to be an equal opportunity employer. We strongly believe that when people feel respected and included they can be more creative, innovative, and successful. We believe that change is the only constant and are in the process and will continue to be in process with changing times to adapt and advance diversity and inclusion. We take affirmative action to ensure equal opportunity and complete non-disclosure of all applicants without any regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or any other characteristics not mentioned hereinabove which are protected under the law of the soil.

Skills

Security compliance frameworksISO 27001, ISO 27701, SOC 2, HIPAA,

Apply on Kit Job: kitjob.in/job/47mf0r

📌 Security Engineer (Mumbai)
🏢 Leading
📍 Mumbai