Apply on Kit Job: kitjob.in/job/481cb5

About WebEngage:

nWebEngage is an enterprise-grade customer engagement and retention platform that helps global brands across industries such as e-commerce, fintech, travel, edtech, gaming, media, and consumer apps. and turn data into measurable revenue impact.n

Trusted by 800+ brands globally, we have strong presence in India, UAE, KSA, SEA, Europe and beyond.

n

WebEngage powers intelligent, real-time engagement across the entire customer lifecycle.

n

- We are built for scale.
- We are built for complexity.
- We are built for outcomes.

nAt our core, WebEngage is a full-stack retention operating system that combines:n
- A powerful Customer Data Platform (CDP)
- Real-time behavioral segmentation and intelligence
- Omnichannel journey orchestration
- AI-driven personalization and recommendations
- Deep analytics, experimentation, and revenue attribution
- WebEngage BLACK: our AI-native layer that brings Agentic capabilities to engagement.

nLearn more about us at www.webengage.comn

#### Position Overview

n

We are seeking a skilled Security and Compliance Engineer to join our team. In this role, you will play a pivotal part in maintaining and enhancing our security posture, ensuring compliance with industry standards, and collaborating across teams to mitigate risks. This position involves hands-on technical work, process optimization, and project management in a energetic SaaS environment.

n

The responsibilities listed below are non-exhaustive; you will have access to established onboarding procedures and will grow by assuming broader ownership over time. Key aspects include implementing security tools, reviewing processes,



and driving cross-functional initiatives to meet security obligations.

n

#### Responsibilities:

n

- Conduct penetration tests using specialized tools to identify vulnerabilities and collaborate with Development or DevOps teams to plan and implement remediation strategies.
- Coordinate with external Vulnerability Assessment and Penetration Testing (VAPT) vendors for audits, serving as the liaison between the vendor and the engineering team.
- Partner with the DevOps team to perform cloud security audits and develop remediation plans.
- Respond to security questionnaires from customers or vendors and address security-related questions during virtual meetings.
- Lead security-related projects, providing regular progress updates and reports.
- Implement and configure tools to enhance security practices, including static code analysis and automated code audits.
- Manage the security calendar and execute activities such as:
- Cloud Business Continuity Planning (BCP) and Disaster Recovery (DR) exercises in collaboration with the DevOps team.
- Cryptographic audits (including encryption at rest and in transit) and key rotation processes with DevOps support.
- Audits of automated code quality checks within CI/CD pipelines.
- Reviews of standard operating procedures to ensure adherence and timely execution.




- Oversee the compliance calendar for standards such as ISO 27001, ISO 27701, SOC 2, and future certifications, including:
- Coordinating with responsible teams to ensure all required activities are completed on schedule.
- Responding to technical and process-related inquiries during audits alongside other team members.
- Monitoring and ensuring employee security training and retraining programs are up to date.
- Tracking and maintaining all security-related metrics.
- Handling any additional audit-related tasks.

n#### Required Qualifications:n

- Strong understanding of SaaS applications and associated security challenges.
- Familiarity with one or more cloud platforms, such as AWS, GCP, or Azure.
- Knowledge of fundamental networking concepts, including OSI layers, TLS protocols, and cryptography.
- Proficiency in at least one scripting language (e.g., Python, Java, Node.js).
- Awareness of common security risks, including OWASP Top 10, CIS Benchmarks, and recent CVE vulnerabilities.
- Excellent verbal and written communication skills for interacting with internal and external stakeholders, as well as project reporting.
- Commitment to continuous learning and staying current with evolving security trends.

n#### Preferred Skills and Knowledgen

Experience with security compliance frameworks such as ISO 27001, ISO 27701, SOC 2, HIPAA, or similar; relevant cybersecurity certifications are a plus.

n

Minimum Qualifications

n

- Bachelor's degree in Engineering or equivalent in a related field, such as Computer Engineering, Electronics, or Telecommunications.
- 3 to 5 years of relevant experience in secu

Apply on Kit Job: kitjob.in/job/481cb5

📌 Security Engineer (Mumbai)
🏢 WebEngage
📍 Mumbai