18,098 Security Automation jobs in India
Information Security Automation Specialist
Posted today
Job Description
Operational security automation is the process of automating some or all aspects of SOC or VOC operations, replacing manual workflows with automated ones.
A fundamental building block of automation is the security playbook. A playbook defines a workflow by outlining the steps teams will take to handle different types of security alerts or events. By developing playbooks ahead of time, teams avoid having to make a response plan every time an alert or event occurs.
Responsibilities:
- Scripting and workflow development that follows proper engineering and integration lifecycles (design, create, test, document, integrate, monitor, maintain) and is designed to be reusable. Creating and integrating APIs to create orchestrated workflows.
- Autonomously plan security automation daily operations to ensure targets are being met.
- Identify and recommend necessary changes to the operational security teams to ensure automation and orchestration, maximize team talent and reduce routine tasks.
- Ensure operational security automations meet business and technical requirements, are maintainable, scalable and meet performance standards
- Bring external perspective and ideas from relevant sources, keep current with technology and industry best practices of the security industry threat landscape
- Communicate technical and functional requirements using an effective, efficient, and creative approach with a high degree of collaboration and influence.
- Work with in-house teams to identify the right mix of tools, techniques, and procedures to translate our needs and future goals into a plan that will enable secure and effective solutions.
Required Skills:
- 10+ years of experience working in Information Security with a focus on operational security.
- Experience with agile project management processes and methodologies
- Mandatory: 3 years of experience with one of the following SOAR vendor platforms (Tines, Swimlane)
- Being autonomous.
- Advanced research, analytical, and problem-solving skills
- Master's degree in Computer Science, Information Security, or related field
Security Automation Engineer
Posted today
Job Description
About the Role:
We are looking for a skilled Security Automation Engineer to design, develop, and implement automated security solutions that enhance our organization's security posture. You will collaborate with security operations, development, and infrastructure teams to automate threat detection, incident response, vulnerability management, and compliance processes. Your work will help reduce manual efforts, improve response times, and ensure consistent security enforcement.
Key Responsibilities:
- Design, develop, and maintain security automation workflows and playbooks using scripting and automation tools.
- Integrate security tools (SIEM, SOAR, IDS/IPS, endpoint security) into automated detection and response systems.
- Develop and maintain APIs and connectors for security tools integration.
- Automate incident detection, triage, and response processes to reduce manual workload.
- Collaborate with DevSecOps teams to embed security automation into CI/CD pipelines.
- Monitor, troubleshoot, and optimize automated security workflows.
- Conduct regular reviews and updates of security automation rules and playbooks.
- Stay updated on the latest security threats, tools, and automation technologies.
- Provide documentation, training, and support for security automation processes.
Preferred Skills:
- Experience with cloud security automation (AWS, Azure, GCP).
- Knowledge of infrastructure-as-code tools (Terraform, Ansible).
- Familiarity with container security and orchestration platforms (Docker, Kubernetes).
- Certifications such as CISSP, CEH, GIAC, or relevant security automation credentials.
- Experience with machine learning or AI in security automation.
Security Automation Engineer
Posted today
Job Description
knowledge and abilities
CI/CD expertise with GitLab CI/CD, Jenkins, or GitHub Actions (Must-Have)
Knowledge and understanding in Docker, container lifecycle management, and image security and familiar with container orchestration platforms like Kubernetes or Docker Compose
Comfortable using and contributing to open-source tools for security and infrastructure management
Basic understanding of network security technologies, including: Firewalls, VPNs, TCP/IP, DNS, DHCP, NAT, Wireshark, IDS/IPS, TLS/SSL, encryption protocols
Knowledge of Infrastructure monitoring tools such as Prometheus, Grafana, Nagios, Cacti, and optionally Elasticsearch.
Familiar with cloud platforms (Azure, AWS, GCP) and virtualization stacks (KVM, VMware, Proxmox) and exposure to multiple Linux distributions (RHEL, Debian, Ubuntu, FreeBSD)
Self-motivation and the ability to work within a strong team environment are essential
Always willing to learn and share knowledge with other team members
Good interpersonal skills and the ability to communicate effectively at all levels and with all nationalities and cultures
Must be fluent in English. Knowledge of multiple languages is an asset
education, qualifications, and certifications
University Degree/Diploma or equivalent (computer, cybersecurity or communications oriented).
Certifications in cloud security & Certified Automation Professional (CAP)
Familiarity with cloud security platforms (AWS, Azure, GCP) is often beneficial.
Security Automation Engineer
Posted today
Job Description
Exp - 5+
Notice - Immediate - 15 days
Work Mode - Remote
About the Role: The purpose of this role, ‘SOAR Developer’, is to provide SOAR development expertise and contribute to the success of the Cyber Security Operations Center’s (CSOC) SOAR enhancement program by implementing SOAR automation workflows. The SOAR Developer works in the Cyber Security Operations team.
Responsibilities:
- Work closely with security analysts and engineers to detect and address security gaps by implementing automation workflows that enhance security operations.
- Evaluate and enhance CSOC workflows and processes by integrating automation through SOAR tools and technologies.
- Deploy CSOC automation and ensure compatibility with existing detection and response tools.
- Create and implement custom scripts to automate current detection and response workflows.
- Operate and refine the CSOC playbook and workflow automations.
Required Skills:
- SOAR Developer
- IBM QRadar SOAR
- Development
- Python scripting
- Bash scripting
- Google Cloud
- AWS
- Azure
- JSON
- SQL
- Cyber Security
- Playbooks
- Programmer
Preferred Skills: Experience in working with security automation tools and frameworks.
Security Automation Engineer
Posted today
Job Description
Operational security automation is the process of automating some or all aspects of SOC or VOC operations, replacing manual workflows with automated ones.
A fundamental building block of automation is the security playbook. A playbook defines a workflow by outlining the steps teams will take to handle different types of security alerts or events. By developing playbooks ahead of time, teams avoid having to make a response plan every time an alert or event occurs.
Responsibilities:
- Scripting and workflow development that follows proper engineering and integration lifecycles (design, create, test, document, integrate, monitor, maintain) and is designed to be reusable. Creating and integrating APIs to create orchestrated workflows.
- Autonomously plan security automation daily operations to ensure targets are being met.
- Identify and recommend necessary changes to the operational security teams to ensure automation and orchestration, maximize team talent and reduce routine tasks.
- Ensure operational security automations meet business and technical requirements, are maintainable, scalable and meet performance standards
- Bring external perspective and ideas from relevant sources, keep current with technology and industry best practices of the security industry threat landscape
- Communicate technical and functional requirements using an effective, efficient, and creative approach with a high degree of collaboration and influence.
- Work with in-house teams to identify the right mix of tools, techniques, and procedures to translate our needs and future goals into a plan that will enable secure and effective solutions.
Required Skills:
- 10+ years of experience working in Information Security with a focus on operational security.
- Experience with agile project management processes and methodologies
- Mandatory: 3 years of experience with one of the following SOAR vendor platforms (Tines, Swimlane)
- Being autonomous.
- Advanced research, analytical, and problem-solving skills
- Master's degree in Computer Science, Information Security, or related field
Security Automation Engineer
Posted today
Job Description
Signzy is a digital trust system. We provide identification, background checks, forgery detection and contract management systems which enable contracting in a trustable, safe, legal, and convenient manner. Our biometric user authentication system and blockchain-based digital trail ensure non-repudiation. This increases compliance and enforceability in the court of law. We consist of a tech-savvy team and are backed by investors who are enthusiastic about creating solutions with technology.
Working at Signzy
- At Signzy we breathe software and exploit the latest technologies to create the most amazing products. We comprise a tech-savvy team and are backed by investors who are enthusiastic about creating solutions using technology.
- Signzy is looking for a Security Engineer. If you think you have what it takes to get the job done, this is an invitation to be a part of the future!
JD for Security Engineer-1 Role
Responsibilities:
Application Security
- Perform secure code reviews, threat modeling, and static/dynamic application security testing (SAST/DAST).
- Integrate and maintain automated scanning tools (e.g., Semgrep, Snyk, Trivy, Gitleaks) in CI/CD pipelines.
- Collaborate with developers to remediate vulnerabilities and embed security in SDLC.
- Guide on secure architecture patterns (authentication, authorization, data encryption, API security, mobile app protections like SSL pinning and mTLS).
Infrastructure & Cloud Security
- Harden cloud infrastructure (AWS/GCP/Azure), including IAM, VPC design, encryption, and network segmentation.
- Implement infrastructure-as-code security checks for Terraform, Helm, and Kubernetes deployments.
- Conduct internal and external penetration tests, configuration reviews, and vulnerability management for servers, containers, and endpoints.
- Support continuous monitoring (WAF, SIEM, EDR/MDM) and incident response
Security Assessments & Compliance
- Lead periodic security assessments: vulnerability assessments, penetration testing, firewall rule reviews, user-access audits, and network segmentation reviews.
- Document findings, track remediation, and provide risk-based recommendations.
- Assist with evidence gathering for ISO 27001, SOC 2, PCI-DSS, GDPR, and internal security audits.
Continuous Improvement
- Research emerging threats (e.g., supply-chain attacks, npm/package ecosystem risks) and recommend mitigations.
- Contribute to security runbooks, policies, and developer awareness sessions.
Qualification
Must Have
- 2–4 years of experience in application or infrastructure security engineering.
- Strong understanding of web/mobile security, OWASP Top 10, cloud security fundamentals, and Linux/Unix systems.
- Hands-on experience with CI/CD pipelines and common security tools (SAST, DAST, container scanners, SIEM/EDR).
- Hands-on with SAST/DAST tools (e.g., Burp Suite, OWASP ZAP, Semgrep, Fortify)
- Knowledge of network & OS hardening (Linux, cloud workloads).
- Experience with internal and external penetration testing methodologies.
- Familiarity with common tools: Nmap, Metasploit, etc.
- Hands on experience with Mobile application security testing (Android and iOS)
- Familiarity with threat modeling frameworks (STRIDE, MITRE ATT&CK) and SBOM management.
- Scripting or programming skills (Python, Go, Bash) for automation and custom tooling.
- Should have fundamental knowledge of cloud environments
- Security-first mindset with curiosity and analytical thinking.
- Ability to review firewall rules, ACLs, and security groups for least-privilege.
- Understanding of network segmentation and zero-trust principles.
- Ability to translate complex vulnerabilities into actionable, developer-friendly guidance.
- Collaborative approach to working with engineering, DevOps, and compliance teams.
- Strong reporting & documentation skills (writing assessment reports).
- Knowledge of security standards (ISO 27001, NIST 800-53, CIS Benchmarks).
Good to Have
- Container & K8s Security: Familiarity with Trivy, Falco, Kubescape, Kyverno.
- IaC Security: Experience with Terraform/CloudFormation scanning (Checkov, Tfsec).
- DevSecOps Integration: Embedding security tests into CI/CD (GitLab, GitHub Actions, Jenkins).
- Advanced API Security: Hands-on with API gateways (Kong, Apigee, AWS API Gateway) and WAF tuning.
- Cloud-Native Security: Experience with GuardDuty, Security Hub, AWS Config, GCP SCC.
- Emerging Areas: AI/ML model security.
- Certifications (good-to-have, not must): OSCP or Cloud Security certs (AWS Security Specialty).
Security Automation Engineer
Posted today
Job Description
We are seeking a highly skilled DevSecOps Engineer with a strong background in application security, penetration testing, and secure development practices. The ideal candidate will bring hands-on experience in SAST, DAST, Kubernetes, CI/CD pipelines, and a solid understanding of DevSecOps principles. You will work closely with engineering, DevOps, and security teams to build, automate, and secure systems across the development lifecycle.
Key Responsibilities:
- Conduct backend and infrastructure penetration testing to identify and mitigate security vulnerabilities.
- Integrate and manage SAST and DAST tools within CI/CD pipelines.
- Collaborate on secure architecture design, threat modeling, and security code reviews.
- Drive secure coding practices and security automation across development teams.
- Assess and enhance the security of cloud-native applications, containerized workloads, and Kubernetes clusters.
- Implement security controls and monitoring for applications and infrastructure.
- Contribute to SDL (Secure Development Lifecycle) activities including threat/attack modeling and secure design reviews.
- Stay current with emerging threats, vulnerabilities, and regulatory frameworks.
Required Skills and Qualifications:
- 6+ years of experience in DevSecOps, application security, or related roles.
- Proven experience in penetration testing (application and infrastructure).
- Prior experience in software development, DevOps, or security architecture.
- Expertise in application security and common vulnerability classes (OWASP Top 10).
- Experience integrating and using SAST/DAST tools (e.g., Veracode, SonarQube, Burp Suite).
- Strong understanding of CI/CD pipelines (Jenkins, GitLab, GitHub Actions, etc.).
- Hands-on with Kubernetes, Docker, and container security.
- Familiarity with cloud platforms (AWS, Azure, GCP) and securing cloud-native environments.
- Deep knowledge of security mechanisms across operating systems, networks, virtualization, and databases.
- Familiar with information security frameworks and standards (e.g., NIST, ISO 27001, CIS).
- Experience with threat modeling and design reviews.
- Excellent problem-solving, collaboration, and communication skills.
Security Automation Engineer
Posted today
Job Description
About Quess IT Staffing:
Hiring the right professionals in the IT industry can be a challenging endeavor. At Quess IT Staffing, we specialize in connecting organizations with IT talent who not only possess the skills needed but also align with the client organization's vision and goals. This commitment has helped us become one of the largest and most sought-after IT staffing companies in India.
Our professional staffing solutions are strategically designed to help businesses secure highly qualified candidates, whether seasoned experts, niche specialists, or those with unique technical skills. Beyond staffing, we provide tailored IT solutions including Digital Workplace Services, Cloud & Datacenter Services, and Managed Network Services, ensuring your infrastructure is robust and operations run seamlessly.
As India’s largest and a global leader in staffing and workforce solutions, Quess empowers businesses to boost productivity through deep domain expertise and a future-ready workforce powered by AI-driven digital platforms. With a strong presence across 8 countries, a workforce exceeding 460,000 professionals, and over 3,000 clients worldwide, Quess has grown from a start-up to an industry powerhouse in just 17 years, delivering transformative impact across sectors. We offer a comprehensive range of technology-driven staffing and managed outsourcing services, serving leading industries such as BFSI, Retail, Telecom, Manufacturing, IT, GCCs, BPO services, and more.
Job Title: DevSecOps Security Engineer — with Splunk Expertise
Experience: 6+ Years
Location: Chennai
Job Type: Work from Office
Indian Shift Timing: 2:00 PM - 11:00 PM IST
Notice period: Immediate Joiner
Overview:
The DevSecOps Security Engineer will embed security into modern delivery for our customer environment, while also providing Splunk engineering support to our internal team. Based in Chennai, India, this hands-on role partners with local Engineering/DevOps to secure CI/CD pipelines, Kubernetes workloads, and runtime environments in alignment with enterprise standards. Experience with API and Bot security is a plus.
- Primary focus: Customer DevSecOps enablement (pipelines, IaC guardrails, Kubernetes hardening, runtime detection/response, observability)
- Secondary focus: Internal Splunk SME work (use cases, onboarding, dashboards, compliance reporting)
- Target allocation: ~80% Customer DevSecOps / ~20% Internal Splunk (subject to business needs)
Key Responsibilities
A) Customer DevSecOps Enablement
- Pipeline Security: Integrate automated scans (SAST, SCA, IaC, container) into CI/CD (GitHub, Jenkins, Argo CD); enforce quality gates and break-glass workflows.
- IaC Guardrails: Implement policy-as-code for Terraform/Helm/manifests; codify baselines, waivers, and approvals in version control.
- Kubernetes Security: Apply CIS Benchmarks; enforce admission controls; implement least-privilege RBAC, network policies, image signing/attestations, and runtime defenses.
- Secrets & Identity: Harden secrets management; align to Zero Trust and least-privilege access patterns.
- Compliance Mapping: Align detections/controls to MITRE ATT&CK, CIS, NIST, and PCI where applicable; produce audit-ready artifacts (e.g., SBOMs and attestations).
- API & Bot Security (Strongly Preferred): Implement API discovery/cataloging and API threat modeling; enforce WAAP/edge/CDN policies and rate limiting; deploy bot detection/mitigation and fraud signals.
B) Observability & Runtime Protection
- Runtime Monitoring: Deploy vulnerability, misconfiguration, drift, and anomaly detection across clusters and services.
- Telemetry & Dashboards: Build real-time observability with Grafana, OpenTelemetry, and OpenSearch.
- On-Call & Escalations: Configure PagerDuty and ticketing (Jira/ServiceNow); reduce MTTR with clear ownership and runbooks.
- IR Enablement: Partner with SOC/IR for evidence collection, triage, post-incident reviews, and improvement actions.
C) Splunk (Internal Team Support)
- Log Onboarding & Tuning: Integrate new data sources, perform field extractions, apply lifecycle policies; maintain index health. (Nice to have: ingest API gateway/WAAP/bot telemetry.)
- Detection Engineering: Author/tune SPL searches and correlation rules; map detections to MITRE/CIS; reduce false positives.
- Dashboards & Reporting: Deliver detection/operations dashboards and automated compliance/audit reports.
- Platform Care: Support upgrades, performance tuning, license utilization, and app maintenance.
D) Delivery, Documentation & Stakeholders
- Execution: Own Jira epics/stories; deliver against roadmap with measurable outcomes.
- Docs & Runbooks: Maintain Confluence runbooks, playbooks, standards, and architecture diagrams.
- Communication: Provide weekly status, risk/issue tracking, and stakeholder updates (customer + internal).
Qualifications
- Bachelor’s in Computer Science, Cybersecurity, or related field; advanced degree a plus.
- Hands-on DevSecOps experience across CI/CD, Kubernetes, and cloud-native platforms.
- Strong IaC security and policy-as-code (Terraform/Helm/Git-based guardrails).
- Kubernetes security (CIS, admission controls, image signing/attestations, RBAC, Pod Security admission, network policies).
- Observability: Grafana, OpenTelemetry, OpenSearch; on-call tooling (PagerDuty).
- Splunk (Required): data onboarding, SPL, dashboards, correlation rules, compliance reporting, and performance tuning.
- Scripting/automation (REST, CLI, Ansible, Terraform); familiarity with SOAR, Jira/ServiceNow.
- Experience with CNAPP/CSPM platforms (Prisma Cloud and/or Wiz).
- API & Bot Security (Strongly Preferred): API discovery/cataloging; API threat modeling; WAAP/edge/CDN policies; rate limiting; bot detection/mitigation & fraud signals. Akamai/Cequence experience is a plus.
- Strong troubleshooting, stakeholder communication, and cross-team collaboration skills.
Security Automation Engineer
Posted today
Job Description
HCL is hiring an XSOAR Admin for PAN India location
Required Experience: 9+
Location: PAN India location
Required Skill: XSOAR Admin
If you are interested please share your resume OR
Job Description:
- Candidate should have 10+ years of experience in various domains of cyber security tools, specifically in 4-5 of the tools listed below.
- The XSOAR Developer for our Cybersecurity team will be responsible for designing, developing, and implementing automated solutions and custom playbooks. The developer will primarily be working with internal customers and peers to design and develop solutions that will be used to streamline processes and increase efficiency for our customers.
- Minimum graduate, preferably Comp/IT Engg
- Tools specific certifications
- ITIL understanding, Preferably ITIL foundation certificate
- ISO 27001 understanding
- CISSP is a plus
- Cloud security certification will be plus
- Understanding and knowledge on the below tools
- CXSOAR Platform
- Unix
- Palo Alto
RESPONSIBILITIES:
- Develop automation playbooks using either out-of-the-box (or custom) integrations and functions
- Integrate Current Technologies with XSOAR Platform
- Participate in architecture design and analysis work related to security automation
- Troubleshoot issues related to automation processes or tools
- Collaborate with other teams such as network engineering, downstream applications, etc., to ensure that automation solutions are properly integrated
- Develop Custom Integrations
- Catalogue and review any identified security automation use cases with stakeholders
- Lead automation use case/playbook design sessions
- Develop documentation related to automation processes and procedures
- Develop architectural solutions for a complex business area or deliver architectural services or governance activities. Elaborate the solution architecture for a specific solution based on architecture-significant requirements and company-wide architecture standards
- Utilize architecture patterns to suggest the most adequate utilization of technical platforms in support of the holistic solution architecture design. Maintain and evolve architecture tools and platforms, principles, policies and standards. Develop and maintain the cyber security capability roadmap and strategy, and work with cyber security services to align their technology and service roadmaps.
Security Automation Engineer
Posted today