795 Software Security jobs in India

About T-Mobile:

T-Mobile US, Inc. (NASDAQ: TMUS), headquartered in Bellevue, Washington, is America’s supercharged Un-carrier, connecting millions through its strong nationwide network and flagship brands, T-Mobile and Metro by T-Mobile. Customers benefit from an unmatched combination of value, quality, and exceptional service experience.

About TMUS Global Solutions:

TMUS Global Solutions is a world-class technology powerhouse accelerating the company’s global digital transformation. With a culture built on growth, inclusivity, and global collaboration, the teams here drive innovation at scale, powered by bold thinking.

TMUS India Private Limited is a subsidiary of T-Mobile US, Inc. and operates as TMUS Global Solutions.

About the Role:

Security is a core pillar of our digital infrastructure. As a Senior Engineer – Security Operations, you will be a key member of the CFL Platform Engineering and Operations team you will play a critical role in ensuring the reliability, integrity, and responsiveness of security operations across large-scale cloud and enterprise platforms.

You’ll work closely with threat intelligence, platform engineering, and cloud teams to detect, investigate, and respond to threats. You’ll also contribute to the design and automation of detection pipelines, incident workflows, and security observability frameworks—helping protect systems, data, and users in real time.

What You’ll Do:

• Respond to security alerts and incidents, triaging and escalating as appropriate
• Investigate security events across cloud, infrastructure, and application layers using SIEM and telemetry tools
• Participate in incident response, post-incident reviews, and root cause analysis processes
• Write, tune, and deploy detection rules using platforms such as Splunk, Sentinel, Chronicle
• Integrate telemetry from cloud logs, IAM, APIs, containers, and endpoint tools
• Collaborate with threat intelligence teams to build and test detections for IOCs and attacker behaviors
• Develop and maintain SOAR workflows, automation scripts, and investigation playbooks
• Contribute to the observability stack with monitoring, metrics, and alerting capabilities
• Integrate security signals into CI/CD pipelines and DevSecOps toolchains
• Collaborate with cloud, SRE, and engineering teams on secure architecture and operations
• Contribute to platform hardening and baseline security configurations
• Promote security best practices and awareness across engineering

What You’ll Bring:

• Bachelor’s degree in Computer Science, Information Security, or a related field
• 4-7 years of experience in security operations, detection engineering, or incident response
• Strong experience with SIEM/SOAR platforms including detection rule creation and tuning
• Experience with cloud-native security tooling (Azure preferred, AWS/GCP acceptable)
• Proficiency in Python, PowerShell, or Bash for scripting and automation
• Knowledge of security monitoring in Kubernetes, APIs, and container-based workloads

Must Have Skills:

• Application & Microservice: Java, Spring boot, API & Service Design
• Any CI/CD Tools : Gitlab Pipeline/Test Automation/GitHub Actions/ Jenkins /Circle CI
• App Platform: Docker & Containers (Kubernetes)
• Any Databases : SQL & NOSQL (Cassandra/Oracle/Snowflake/MongoDB)
• Any Messaging: Kafka, Rabbit MQ
• Any Observability/Monitoring: Splunk/ Grafana/ Open Telemetry /ELK Stack/ Datadog/ New Relic/ Prometheus)
• Security Skillset: OWASP Concepts, threat modeling

Nice To Have:

• CSPM (AWS, Azure, Databricks)
• Data protection: tokenization, masking, key rotation
• Policy-as-code enforcement (OPA, Kyverno)
• SIEM/SOAR pipeline tuning & ownership.

About T-Mobile:

T-Mobile US, Inc. (NASDAQ: TMUS), headquartered in Bellevue, Washington, is America’s supercharged Un-carrier, connecting millions through its strong nationwide network and flagship brands, T-Mobile and Metro by T-Mobile. Customers benefit from an unmatched combination of value, quality, and exceptional service experience.

About TMUS Global Solutions:

TMUS Global Solutions is a world-class technology powerhouse accelerating the company’s global digital transformation. With a culture built on growth, inclusivity, and global collaboration, the teams here drive innovation at scale, powered by bold thinking.

TMUS India Private Limited operates as TMUS Global Solutions.

About the Role:

As an Engineer – Security Operations, you will be a key member of the CFL Platform Engineering and Operations team, you will lead reliability engineering for AI-powered platforms supporting LLM applications, AI gateways, and enterprise-scale services across finance, credit, collections, and document systems. You will design and implement observability and incident response frameworks, scale high-performance infrastructure, and champion SRE best practices to support secure, automated, and resilient systems.

What You’ll Do:

• Monitor and triage security alerts using SIEM tools like Splunk, Sentinel, or Chronicle
• Investigate suspicious activity and escalate confirmed incidents with clear documentation
• Tune and maintain detection rules based on threat intelligence, use cases, and false positive analysis
• Assist in incident response efforts, supporting data gathering, root cause analysis, and remediation steps
• Develop and maintain security automation scripts using Python, Bash, or PowerShell
• Support security workflow automation using SOAR tools and custom enrichment scripts
• Integrate security monitoring with cloud infrastructure, CI/CD pipelines, and observability platforms
• Document detection logic, response processes, and investigation workflows
• Collaborate with Cloud, SRE, and DevOps teams to improve system visibility and secure configurations
• Maintain awareness of current threats, vulnerabilities, and attacker techniques
• Participate in red team/blue team exercises, tabletop simulations, or detection validation projects

What You’ll Bring:

• Bachelor’s degree in Computer Science, Information Security, or a related technical field
• 2-5 years of experience in security operations, SOC, threat detection, or incident response roles
• Experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, Chronicle)
• Familiarity with event and log analysis, detection rule tuning, and telemetry correlation
• Scripting ability in Python, PowerShell, or Bash for automation and tooling support
• Understanding of cloud-native security concepts (preferably in Azure; AWS/GCP also relevant)
• Knowledge of threat detection frameworks such as MITRE ATT&CK and use of adversary emulation or threat hunting practices
• Experience with EDR tools, audit logs, IAM logs, or Kubernetes security telemetry
• Exposure to SOAR tools or detection-as-code workflows is a plus
• Strong analytical and troubleshooting skills with attention to technical depth
• Excellent communication skills and the ability to collaborate across engineering and security teams
• Passion for improving threat detection, automation, and overall security posture at scale

Must Have Skills:

• Application & Microservice: Java, Spring boot, API & Service Design
• Any CI/CD Tools : Gitlab Pipeline/Test Automation/GitHub Actions/ Jenkins /Circle CI
• App Platform: Docker & Containers (Kubernetes)
• Any Databases : SQL & NOSQL (Cassandra/Oracle/Snowflake/MongoDB)
• Any Messaging: Kafka, Rabbit MQ
• Any Observability/Monitoring: Splunk/ Grafana/ Open Telemetry /ELK Stack/ Datadog/ New Relic/ Prometheus)
• Security Skillset: OWASP Concepts

Nice To Have:

• IAM least privilege, KMS/Key Vault basics
• Incident/Change/Problem playbooks, ServiceNow integration
• K8s RBAC, Network Policies, image scanning
• SIEM basics (Azure Sentinel, Splunk)
• WAF/DDoS protection (Akamai, Cequence)

About T-Mobile:

T-Mobile US, Inc. (NASDAQ: TMUS), headquartered in Bellevue, Washington, is America’s supercharged Un-carrier, connecting millions through its strong nationwide network and flagship brands, T-Mobile and Metro by T-Mobile. Customers benefit from an unmatched combination of value, quality, and exceptional service experience.

About TMUS Global Solutions:

TMUS Global Solutions is a world-class technology powerhouse accelerating the company’s global digital transformation. With a culture built on growth, inclusivity, and global collaboration, the teams here drive innovation at scale, powered by bold thinking.

TMUS India Private Limited is a subsidiary of T-Mobile US, Inc. and operates as TMUS Global Solutions.

About the Role:

We are building a modern, cloud-native platform to support critical applications across finance, credit, document, and AI-powered systems. As a Principal Engineer – Security Operations, you will be a key member of the CFL Platform Engineering and Operations team you will lead the architecture and execution of infrastructure platforms that enable reliability, scalability, security, and developer productivity at scale.

This is a strategic technical leadership role, driving cloud adoption, automation, and infrastructure architecture across multiple business domains. You’ll partner with engineering, security, AI, and SRE teams to build robust platforms that support multi-cloud deployments, CI/CD automation, zero-downtime operations, and cost-effective scaling.

What You’ll Do:

• Design and implement end-to-end security monitoring and incident response architecture across cloud and hybrid platforms
• Build scalable detection pipelines and correlation logic with SIEM/SOAR tools like Splunk, Chronicle, Sentinel, Palo Alto XSOAR
• Integrate security telemetry from APIs, firewalls, IAM, CI/CD, endpoint, and Kubernetes into unified detection systems
• Architect automated response and containment workflows to reduce MTTR and alert fatigue
• Partner with Threat Intelligence teams to implement IOC and behavior-based detection logic
• Build and maintain detection-as-code pipelines with versioning, testing, and simulation
• Enable real-time detection of attacks such as zero-day exploits, lateral movement, and data exfiltration
• Automate triage, enrichment, and remediation using SOAR platforms and infrastructure APIs
• Embed security observability into platform and application architectures
• Monitor alert health, detection coverage, and control effectiveness across environments
• Act as incident commander during major security events and lead coordinated response
• Drive security maturity via tools, playbooks, and collaboration with engineering and operations
• Align detection engineering with risk, compliance, IAM, and data security programs
• Mentor security engineers and analysts; advocate detection and automation best practices

What You’ll Bring:

• Bachelor’s or Master’s degree in Computer Science, Information Security, or related field
• 7-12 years of experience in Security Engineering, SecOps, or Platform Security roles
• Deep expertise in SIEM/SOAR platforms and detection engineering with APIs, logs, and threat intel
• Strong hands-on experience in cloud security (Azure preferred; AWS/GCP acceptable)
• Proficient in scripting or automation (Python, PowerShell, Bash, or Go)
• Experience with container security, Kubernetes, and CI/CD security controls
• Proven leadership in high-severity incident response

Must Have Skills:

• Application & Microservice: Java, Spring boot, API & Service Design
• Any CI/CD Tools : Gitlab Pipeline/Test Automation/GitHub Actions/ Jenkins /Circle CI
• App Platform: Docker & Containers (Kubernetes)
• Any Databases : SQL & NOSQL (Cassandra/Oracle/Snowflake/MongoDB)
• Any Messaging: Kafka, Rabbit MQ
• Any Observability/Monitoring: Splunk/ Grafana/ Open Telemetry /ELK Stack/ Datadog/ New Relic/ Prometheus)
• Security Skillset: OWASP Concepts, threat modeling, Zero-trust, SecOps

Nice To Have:

• Enterprise SecOps strategy & roadmap
• Executive risk reporting, board metrics
• PCI/PII/SOX compliance governance
• Supply chain security program (SLSA provenance)
• Vendor security due diligence (FICO, OFSLL, Akamai, Cequence)
• Zero-trust architecture: SPIFFE/SPIRE, mTLS

Responsibilities

• Client Engagement & Leadership
• Act as a trusted security advisor for multiple high-value clients.
• Manage end-to-end security assessment projects, including scoping, execution, reporting, and remediation guidance.
• Conduct technical and executive-level briefings to communicate findings, risks, and strategic recommendations clearly.
• Translate complex technical vulnerabilities into business risk insights to help clients prioritize actions.
• Collaborate closely with client stakeholders to ensure security recommendations are practical and actionable.
• Advanced Threat Modelling & Risk Assessment
• Design and maintain threat models tailored to client applications, networks, and cloud environments.
• Perform risk assessments focusing on business impact and likelihood of exploitation.
• Develop attack scenarios based on the latest threat intelligence and real-world attacker techniques.
• Guide clients in integrating security into their software development lifecycle (SDLC) and cloud infrastructure designs.
• Penetration Testing & Red Team Operations
• Lead advanced black-box, grey-box, and white-box penetration testing engagements for web applications, APIs, networks, and cloud environments.
• Conduct sophisticated Red Team exercises to simulate targeted attack campaigns.
• Design and develop custom exploits and testing tools to replicate specific attacker techniques.
• Perform social engineering tests (phishing campaigns, physical security assessments) in controlled and ethical scenarios.
• Provide detailed post-exercise analysis, including actionable remediation strategies and long term improvement plans.
• Comprehensive Reporting & Documentation
• Produce clear and technically thorough vulnerability assessment and penetration testing reports.
• Create executive-level summaries focused on business impact and compliance risks.
• Maintain structured and up-to-date testing methodologies and playbooks.
• Contribute to internal knowledge base, documenting research, custom tools, and successful testing strategies.
• Technical & Programming Expertise
• Expert in vulnerability assessment and exploitation techniques across a wide range of technologies.
• Proficient in security testing tools such as Burp Suite, Nessus, Metasploit, Nmap, OpenVAS, Cobalt Strike, Wireshark, and tcpdump.
• Strong scripting and automation skills (Python, Bash, PowerShell) to automate repetitive testing tasks and tool workflows.
• Capable of custom tool development and advanced exploit research to target unique client environments.
• Strong knowledge of application security vulnerabilities (OWASP Top 10, SANS Top 25) and attack surface analysis.
• In-depth understanding of cloud security risks, identity and access management, and container security (Docker, Kubernetes).
• Social Engineering & OSINT Expertise
• Design and execute social engineering and phishing simulations tailored to client environments.
• Perform physical security assessments through tactics like tailgating and badge cloning.
• Apply Open Source Intelligence (OSINT) techniques to gather reconnaissance data for assessments.
• Provide training and awareness recommendations based on assessment outcomes.
• Professional Attributes & Mindset
• Strong analytical, problem-solving, and creative thinking skills.
• Ethical hacker mindset with a continuous drive to research emerging threats, attack techniques, and defense bypass methods.
• Methodical and detail-oriented approach to testing with the ability to think like an attacker.
• Strong communication and presentation skills, able to engage both technical teams and business leadership.
• Proactively innovate by developing new tools, scripts, or methodologies to improve testing efficiency and depth.

Qualifications

• 7+ years of hands-on experience in Vulnerability Assessment, Penetration Testing, and security consulting.
• Strong technical expertise in application security, network security, cloud security (AWS, Azure, GCP), and infrastructure security testing.
• Proven experience using VAPT tools such as Burp Suite, Nessus, Qualys, Nmap, Metasploit, Nikto, OpenVAS, etc.
• Solid knowledge of exploitation techniques, post-exploitation frameworks, and manual testing methodologies.
• In-depth knowledge of web application vulnerabilities (OWASP Top 10) and network protocol analysis.
• Experience conducting cloud security assessments, including misconfigurations, IAM permissions analysis, and container security.
• Proficiency in scripting and automation (Python, Bash, PowerShell) to customize tests and tools.
• Familiarity with security frameworks and standards such as NIST, ISO 27001, MITRE ATT&CK.
• Strong reporting and documentation skills, able to translate technical findings into business friendly recommendations.
• Excellent communication and stakeholder management skills, able to lead client-facing engagements.
• Relevant certifications are a strong plus (e.g., OSCP, CREST, CISSP, CEH, GIAC GPEN).

Preferred Qualifications:

• Certifications such as OSCP, GPEN, CREST CRT, CRTO are highly desirable.
• Experience in DevSecOps, CI/CD pipeline security, or automated security testing frameworks.
• Familiarity with industry compliance frameworks like PCI-DSS, GDPR, HIPAA, SOC2, and ISO 27001.
• Prior consulting experience in a service delivery or customer-facing environment.
• Experience with threat intelligence platforms and indicators of compromise (IoCs).

This is a remote position.

Job Title: Cloud & Containers – Vulnerability Assessment & Scanning

Job Type: Freelance

Location: Remote

Experience: 10+ Years

Mode: Online

We are looking for a highly experienced Freelance Trainer with strong expertise in Cloud Security and Container Security to deliver professional training on Vulnerability Assessment and Scanning. The trainer will design and deliver sessions, share real-world scenarios, and provide hands-on lab guidance to participants.

Deliver online training on Cloud & Container Vulnerability Assessment & Scanning .

Provide hands-on labs, case studies, and practical demonstrations.

Train participants on industry best practices, compliance, and remediation strategies.

Guide learners in integrating vulnerability scanning into DevSecOps pipelines .

Ensure sessions cover both conceptual understanding and practical skills .

Strong knowledge of Cloud Platforms : AWS, Azure, GCP.

Hands-on with Containers & Orchestration : Docker, Kubernetes, OpenShift.

Expertise in Vulnerability Scanning Tools: Qualys, Tenable, Prisma Cloud, Aqua, Twistlock, Trivy, Clair .

Deep understanding of Security Standards : CIS Benchmarks, NIST, OWASP Top 10, CVE/CVSS.

Experience with DevSecOps (CI/CD pipeline integration, IaC scanning).

10+ years of experience in Cloud Security, Container Security, or Vulnerability Management .

Job Description: Cisco Positions

Experience :

Minimum  4+ years of relevant experience.

Key Skills:

Strong L2-level expertise in troubleshooting Cisco devices.Hands-on experience with:Routers and SwitchesCisco Firewalls: ASA/FTD/FirepowerSDWAN

Location : Bangalore or Chennai

Mode of Work:  Work from Office (WFO)

Shift Timings:

24/7 rotational shifts

Education :

Any graduate

Certifications :CCNP certification is mandatory.

Candidates willing to obtain CCNP certification within 60 days post-joining are also eligible.

Payroll

Information Security Analyst (Software and Web Development)

Network Engineers (Engineering )

Site Reliability Engineer (Hardware Engineering)

DevOps Engineers (Software and Web Development)

Software Engineer (Software and Web Development)

• Network Security - 4 Years
• Intermediate
• Adaptive Security Appliance - ASA - 3 Years
• Intermediate
• Firewalls and Security - 4 Years
• Intermediate
• File Transfer Protocol - (FTP) - 3 Years
• Intermediate

Job Description: Cisco Positions

Experience :

Minimum  4+ years of relevant experience.

Key Skills:

Strong L2-level expertise in troubleshooting Cisco devices.Hands-on experience with:Routers and SwitchesCisco Firewalls: ASA/FTD/FirepowerSDWAN

Location : Bangalore or Chennai

Mode of Work:  Work from Office (WFO)

Shift Timings:

24/7 rotational shifts

Education :

Any graduate

Certifications :CCNP certification is mandatory.

Candidates willing to obtain CCNP certification within 60 days post-joining are also eligible.

Payroll

Information Security Analyst (Software and Web Development)

Network Engineers (Engineering )

Site Reliability Engineer (Hardware Engineering)

DevOps Engineers (Software and Web Development)

Software Engineer (Software and Web Development)

• Network Security - 4 Years
• Intermediate
• Adaptive Security Appliance - ASA - 3 Years
• Intermediate
• Firewalls and Security - 4 Years
• Intermediate
• File Transfer Protocol - (FTP) - 3 Years
• Intermediate