Reflections Info Systems (P) Ltd

9A2, Carnival Technopark, Kariyavattom P.O, Thiruvananthapuram, Kerala, India , 695581

http://www.reflectionsglobal.com

Senior Security Engineer - Cybersecurity

Closing Date:19,June 2026

Job Published: 13,June 2026

Contact Email: Careers@reflectionsinfos.com

Brief Description

Introduction

We are looking for a Senior Security Engineer with 5+ years of hands-on experience to join our security team. This is a deeply technical role for an engineer who thrives in the trenches — building and hardening systems, hunting threats, automating defenses, and owning the security posture of complex environments. You will work across the full security stack: from secure code review and infrastructure hardening to threat detection engineering and incident response

Responsibilities include:

Application & Infrastructure Security

Design, implement, and maintain security controls across cloud infrastructure (AWS, Azure, or GCP), CI/CD pipelines, and on-premises environments.
Conduct in-depth code reviews, architecture reviews, and threat modeling sessions to identify and remediate security vulnerabilities early in the SDLC.
Build and maintain automated security scanning pipelines integrating SAST, DAST, SCA, and secrets detection tooling.
Harden operating systems ,container environments(Docker/Kubernetes), and network configurations to reduce attack surface.

Threat Detection & Incident Response

Develop and tune detection rules, correlation logic, and alerting across SIEM platforms (Splunk, Sentinel, or Elastic) to identify malicious activity at scale.
Lead technical investigation and containment of security incidents — from initial triage through root cause analysis, remediation, and post-mortem.
Build and maintain threat hunting playbooks; proactively hunt for indicators of compromise and adversarial TTPs mapped to MITRE ATT&CK.
Develop and maintain SOAR playbooks to automate repetitive detection and response workflows, reducing mean time to respond (MTTR).

Vulnerability Management & Penetration Testing

Own the vulnerability management lifecycle: scanning, triage, prioritization, remediation tracking, and SLA reporting across all asset classes. Confidential
Perform internal penetration tests and red team simulations against web applications, APIs, network infrastructure, and cloud environments.
Assess third-party vendor and supply-chain risk; conduct technical security reviews of SaaS integrations and open-source dependencies.

Security Engineering & Automation

Write production-quality security tooling and automation scripts in Python, Go, or Bash to scale security operations and reduce manual effort.
Integrate security controls into Terraform, Ansible, and other IaC frameworks; enforce security policy-as-code using tools such as OPA or Checkov.
Collaborate closely with software engineering, DevOps, and platform teams to embed security practices as a force multiplier, not a gatekeeper.
Contribute to security standards, runbooks, and documentation to elevate security awareness and capability across the engineering org.

Preferred Skills

Primary Skills :

TECHNICAL REQUIREMENTS

Candidates must demonstrate hands-on proficiency across 3-4 areas below.

Domain	Tools & Technologies
Cloud Security	AWS Security Hub, GuardDuty, SCPs, Azure Defender, GCP Security Command Center, IAM hardening, cloud-native CSPM
SIEM & Detection	Splunk (SPL), Microsoft Sentinel (KQL), Elastic SIEM, detection-as-code, sigma rules, correlation logic
AppSec & DevSecOps	OWASP Top 10, Burp Suite, Semgrep, Snyk, Checkmarx, SonarQube, GitHub Advanced Security, secrets scanning
Endpoint & EDR	CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint, osquery, auditd, eBPF-based telemetry
Identity & Access	Okta, Azure AD / Entra ID, PAM (CyberArk/BeyondTrust), MFA enforcement, OAuth 2.0/OIDC, JIT provisioning
Scripting & Tooling	Python (primary), Bash, Go; REST API integrations; Terraform, Ansible; Docker/Kubernetes security
Offensive Security	Metasploit, Nmap, BloodHound, Impacket, Burp Suite Pro, manual exploitation, red team TTPs (MITRE ATT&CK)
Compliance & GRC	SOC 2, ISO 27001, NIST CSF/800-53, PCI-DSS, GDPR; evidence collection; control mapping and gap analysis

QUALIFICATIONS & EXPERIENCE

5+ years of hands-on experience in a security engineering, detection engineering, or offensive security role — not compliance or advisory.
Demonstrable experience securing cloud-native environments at scale (multi-account AWS, Azure, or GCP); cloud security certifications a plus.
Proficiency in at least one scripting/programming language used to build security tools orautomate workflows (Python strongly preferred).
Strong understanding of attacker TTPs: you think like an adversary and can articulate how attacks work at the protocol and system level.
Experience with containerized and Kubernetes environments; understanding of container escape paths, RBAC misconfigs, and supply chain risks.
Solid grasp of networking fundamentals: TCP/IP, DNS, HTTP/S, TLS, BGP — you can read a packet capture and know what you are looking at.
Experience leading or significantly contributing to incident response investigations, includingpost-mortems and control improvements.

Secondary Skills :

Preferred Certifications (any of the following)

OSCP / OSED / OSEP
CRTO / CRTE
AWS Security Specialty
GREM / GXPN / GWAPT
CKS (Kubernetes Security)
CISSP / CCSP
Azure Security Engineer
GCIH / GCIA
Google Professional Cloud Security

Interested candidates may forward their detailed resumes to Careers@reflectionsinfos.com along with their notice period, current and expected CTC details. This is to notify jobseekers that some fraudsters are promising jobs with Reflections Info Systems for a fee. Please note that no payment is ever sought for jobs in Reflections. We contact our candidates only through our official website or LinkedIn and all employment related mails are sent through the official HR email id. Please contact careers@reflectionsinfos.com for any clarification/ alerts on this subject.