REMOTEFULLTIME
Principal Security Engineer
Arcana
Remote · remote · Posted 7d ago
Your match
Sign in to see your match score, skill gaps & tailored resume.
Section · 01
About this role
Principal Security Engineer
Location: Bangalore (Hybrid) As our Principal Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden infrastructure end-to-end. While your primary focus will be on our GCP resources, you'll also partner with teams across networking, applications, and compliance to ensure we're secure by design and resistant to drift.
Responsibilities:
- Enterprise Security Architecture - Governance and Compliance, including driving adherence to ISO 27001, SOC 2, GDPR, and enforcing CIS benchmarks on all infrastructure.
- Policy, Automation, and Guardrails - own the end-to-end security lifecycle by defining policy-as-code, embedding continuous compliance checks into CI/CD, and building automated, drift-resistant guardrails across cloud, containers, and VMs.
- Infrastructure Hardening and Drift Detection - implement automated drift alerts and self-healing playbooks for VPCs, firewall rules, Kubernetes clusters, and endpoints.
- Monitoring, Logging, and Incident Response - configure Cloud Audit Logs, SIEM exports, and custom alerts for critical security events; lead root-cause investigations, build detection logic, and develop runbooks for cloud-wide incidents.
- Define security checkpoints for new products and features
Requirements:
- 8+ years driving security and compliance in dynamic, regulated environments- securing cloud-native platforms and hybrid infrastructures, with deep familiarity in fintech and portfolio-management standards, and best practices for supporting distributed, remote teams.
- Deep expertise with GCP security (IAM, KMS, VPC Service Controls, Cloud Logging/Audit, WAF, SecOps) and Kubernetes application hardening.
- Strong Infrastructure-as-Code skills (Terraform or equivalent) and GitOps experience (ArgoCD, Flux).
- Proficiency in Appsec and Secops tools.
- Proficiency in Python scripting and policy-as-code frameworks (OPA, Gatekeeper).
- Excellent communicator - able to translate technical findings into clear policies and remediation plans.
Helpful Experience:
- Familiarity with multi-cloud security controls.
- Security certifications (GCP Professional Security Engineer, CISSP, CKA/CKS).
- Experience with service mesh (Istio/Anthos) or zero-trust architectures.
Sourced from linkedin · view original
Let the agent run this one for you.
Tailored resume, auto-apply, and referral lookup — in under 2 minutes.
Section · 02