REMOTEFULLTIME
Security Engineer
Inception42
Remote · remote · Posted 6d ago
Your match
Sign in to see your match score, skill gaps & tailored resume.
Section · 01
About this role
Inception, a G42 company, is the region’s leading innovator of AI-powered domain-specific as well as industry-agnostic products, built on a rich heritage of research and development. Within the G42 ecosystem, Inception functions as the core intelligence layer – transforming data and compute infrastructure into real-world, applied AI solutions. Beyond its commercial endeavors, Inception is committed to creating positive societal impact. For more information, please visit www.inceptionai.ai
Role Overview The Security Engineer — InfoSec is responsible for protecting Inception AI's cloud-native infrastructure, applications, and data across the Azure estate. Operating within a fast-moving AI product company, this role goes beyond traditional security operations: it requires securing GPU workloads, LLM pipelines, AI Foundry deployments, and multi-tenant SaaS platforms running on AKS and Azure App Services. The engineer will embed security thinking into engineering workflows, drive compliance posture, and respond to threats in real time.
This role is a full-time position based in India (remote). Key responsibilities
- Implement and maintain security controls across Azure infrastructure including AKS, App Gateway, Load Balancers, Web Apps, and AI Foundry.
- Perform vulnerability assessments, SAST/DAST scanning, and secrets management across CI/CD pipelines (GitHub Actions).
- Monitor Microsoft Sentinel for security events; triage, investigate, and respond to alerts and incidents.
- Manage Azure Security Center (Defender for Cloud) recommendations and drive remediation with infrastructure teams.
- Enforce identity and access governance: Entra ID, PIM, RBAC, conditional access policies, and app registration hygiene.
- Conduct security reviews of IaC (Terraform) and container workloads prior to production deployments.
- Support ISO 27001 / SOC 2 compliance activities: evidence collection, control mapping, and audit preparation.
- Collaborate with DevSecOps and engineering teams to embed security into the SDLC (shift-left approach).
- Assess and mitigate risks specific to AI/LLM workloads: prompt injection, model exfiltration, and API abuse vectors.
- Maintain security documentation: threat models, runbooks, incident response playbooks.
Qualifications Cloud Security — Azure
- Microsoft Defender for Cloud, Microsoft Sentinel — hands-on configuration and operations
- Azure Policy, RBAC, Entra ID (formerly Azure AD), Privileged Identity Management (PIM)
- Network Security Groups, Private Endpoints, Azure Firewall, Application Gateway WAF
- Key Vault management: secrets, certificates, managed identities
DevSecOps & Application Security
- SAST/DAST tooling (e.g. Checkmarx, Snyk, OWASP ZAP) integrated into GitHub Actions pipelines
- Container image scanning (Trivy, Defender for Containers) and Kubernetes workload security policies
- Secrets scanning and IaC security review (Checkov, tfsec)
- Understanding of OWASP Top 10 and CWE/CVE triage
Identity & Access Management
- Entra ID: SSO, SCIM provisioning, conditional access, MFA enforcement
- Service principal and managed identity lifecycle management
- Privileged access reviews and JIT access patterns
Compliance & Governance
- Working knowledge of ISO 27001, SOC 2, and NIST CSF frameworks
- Experience contributing to audit preparation, evidence collection, and control gap analysis
Scripting & Automation
- Python or PowerShell for security automation, log analysis, and tooling
- KQL (Kusto Query Language) for Sentinel queries and Log Analytics workspaces
Good to Have
- AI/LLM Security: understanding of threats specific to large language models — prompt injection, data leakage, adversarial inputs, model supply chain risks
- Experience securing GPU workloads or HPC environments on Azure
- Familiarity with Azure AI Foundry, Azure OpenAI Service, or similar managed AI platforms
- Cloud security certifications: AZ-500, SC-200, or equivalent
- Exposure to Red Team / penetration testing exercises
- Experience with CSPM tooling beyond Defender for Cloud The successful candidate will be engaged via an external workforce partner in line with Inception’s operating model in the region.
Sourced from linkedin · view original
Let the agent run this one for you.
Tailored resume, auto-apply, and referral lookup — in under 2 minutes.
Section · 02