758 System Security jobs in India

Avalara is an AI-first company. We expect every engineer, manager, and to actively leverage AI to enhance productivity, quality, innovation, and customer value. AI is embedded in our workflows, and products — and success at Avalara requires embracing AI as an essential capability, not an optional tool.

Avalara is looking for an experienced Workday subject matter expert to oversee, improve, design, and scale Workday­ Security. We ask that you have a passion to enhance product quality and to deliver a seamless experience in Workday through mastery on functional configuration and team player skills.

You will be part of our People Technology team and work with other internal business partners, and company management in the development and maintenance of Workday.

People Technology is a diverse team made up of subject matter experts that own multiple enterprise platforms and brings automation and scale to our People & Culture, Finance and IT programs.

You will report to the Sr. Manager, People Technology Architecture.

What Your Responsibilities Will Be

Must have 5+ years of experience with Workday.

1. Design, configure, and maintain Workday security roles, domains, and business process security policies.

2. Implement security controls in alignment with organizational policies and regulatory requirements.

3. Manage role assignments, segregation of duties, and user provisioning processes.

4. Provide day-to-day security administration and troubleshooting within Workday through JSM and maintain documentation.

5. Monitor system security for unauthorized access, errors, and compliance violations.

6. Support security-related audits and compliance initiatives (e.g., SOX, GDPR).

7. Partner with HR, Finance, Payroll, and IT teams to gather requirements and recommend security solutions.

8. Translate business needs into Workday security configuration and ensure least-privilege access.

9. Conduct impact analysis for new features, releases, or configuration changes.

10. Develop and execute security test plans, including role validation and regression testing.

11. Validate new security features delivered in Workday releases and provide recommendations.

12. Create and maintain security design documents, process guides, and standard operating procedures.

13. Address compliance audit requirements and maintain system audit records

What You'll Need to be Successful

• Minimum of 5+ years of relevant professional experience in supporting/implementing Workday Security in a corporate HRIS/IT role.
• Supported Workday Security in a production environment
• Understanding of the impacts to modifying Security policies and understand end-to-end Security constructs
• Hands-on configuration experience of Workday Core HR, Security
• Ability to create, deploy, and maintain Workday custom reports and dashboards
• Strong communication and interpersonal skills
• Ability to multi-task and comfortable providing end user support and functional trainings

Preferred Qualifications:

• Experience with Workday technologies - Enterprise Interface Builder (EIB) Report Writer, Business Process Framework, Configurable Security, Calculated Fields
• Experience with Workday's Human Capital Management (HCM) suite and Security
• Other experience with Compensation, Payroll, Security, Recruiting and Time Tracking a plus
• Workday Security PRO Certified a plus
• Experience with SOX principles and concepts

How We'll Take Care of You

Total Rewards

In addition to a great compensation package, paid time off, and paid parental leave, many Avalara employees are eligible for bonuses.

Health & Wellness

Benefits vary by location but generally include private medical, life, and disability insurance.

Inclusive culture and diversit y

Avalara strongly supports diversity, equity, and inclusion, and is committed to integrating them into our business practices and our organizational culture. We also have a total of 8 employee-run resource groups, each with senior leadership and exec sponsorship.

What You Need To Know About Avalara

We’re defining the relationship between tax and tech.

We’ve already built an industry-leading cloud compliance platform, processing over 54 billion customer API calls and over 6.6 million tax returns a year. Our growth is real - we're a billion dollar business - and we’re not slowing down until we’ve achieved our mission - to be part of every transaction in the world.

We’re bright, innovative, and disruptive, like the orange we love to wear. It captures our quirky spirit and optimistic mindset. It shows off the culture we’ve designed, that empowers our people to win. We’ve been different from day one. Join us, and your career will be too.

We’re An Equal Opportunity Employer

Supporting diversity and inclusion is a cornerstone of our company — we don’t want people to fit into our culture, but to enrich it. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law. If you require any reasonable adjustments during the recruitment process, please let us know.

Title: Security Engineer (6+ Years)

Job Description:

1. Use CrowdStrike reports to evaluate all security vulnerabilities on both Windows and Linux systems.
2. Analyze the requirements to remediate the security vulnerabilities.
3. Create processes that will remediate the vulnerabilities.
4. Work with the Managed Services team and the BUs to schedule the remediations in within accepted scheduling windows.
5. Execute these processes against the vulnerable systems to complete the remediation process.
6. Confirm the remediations have been effective using CrowdStrike reporting and spreadsheet analysis (or by using whatever tools that are agreed upon by NTT and Enlyte leadership)
7. Generate reports for Senior Management on security vulnerabilities in the environment on an ongoing basis.
8. Attend meetings where the reports can be discussed with Senior management on a regular and ongoing basis.
9. Take direction from me regarding any zero day issues when they arise and work closely with the Security Team to address these vulnerabilities as needed.

ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE. ( )

ISA (Information Systems Associates) is a premier in the field of Information Technology providing best-of-breed technology solutions for the global travel and aviation industry since 2005. We offer a wide range of tailor-made aviation technology

We are hiring!

Pune, India.

Job Title: Security Engineer

Job Type: Full-time

Reports To: Security Architect

Job Overview:

We are seeking a highly skilled Security Engineer to design, implement, and manage the security architecture of our organization. The ideal candidate will be responsible for firewall and endpoint security, WAF implementation, VAPT, fraud investigation, dark web monitoring, brand monitoring, email security, and compliance enforcement . The role requires expertise in securing IT infrastructure, conducting risk assessments, ensuring compliance, and implementing Microsoft security layers to strengthen the organization's security posture.

Key Responsibilities:

1. Firewall, Endpoint & WAF Security

• Design, configure, and manage firewalls (Palo Alto, Fortinet, Cisco ASA, Check Point).
• Deploy and maintain Web Application Firewalls (WAF) for web security (Cloudflare, Imperva, AWS WAF).
• Implement Endpoint Detection & Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, SentinelOne .
• Conduct regular firewall rule audits, optimize configurations, and enforce Zero Trust principles .

2. Microsoft Security Layer Implementation

a. Microsoft Email Security

• Configure and manage Microsoft Defender for Office 365 to protect against phishing, malware, and email threats.
• Implement Safe Links, Safe Attachments, and Anti-Phishing policies .
• Monitor and respond to email security alerts in Microsoft Security Portal .
• Conduct email security threat hunting using Defender for O365 and advanced hunting queries.

b. Microsoft Endpoint Security

• Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices.
• Enforce attack surface reduction (ASR) rules for endpoint protection.
• Configure endpoint compliance policies using Microsoft Intune .
• Implement DLP (Data Loss Prevention) policies to prevent data exfiltration.

c. Compliance & Risk Management

• Implement and monitor Microsoft Purview Compliance Manager for risk assessment.
• Enforce Information Protection & Encryption Policies using Microsoft Purview.
• Configure and manage Conditional Access Policies in Microsoft Entra ID .
• Ensure compliance with security frameworks like ISO 27001, NIST, CIS, and GDPR .

3. Dark Web Monitoring & Brand Protection

• Monitor dark web forums, marketplaces, and underground networks for stolen credentials, data leaks, and insider threats.
• Implement dark web intelligence tools such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence.
• Work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites, and fraudulent domains .
• Collaborate with legal and compliance teams to enforce takedowns of malicious content.

4. Fraudulent Incident Investigation & Threat Hunting

• Investigate fraud incidents, phishing attempts, and business email compromise (BEC) .
• Conduct forensic analysis on compromised endpoints, servers, and email accounts.
• Develop and implement threat intelligence and threat hunting processes.
• Work closely with SOC teams for incident response and mitigation .

5. VAPT & IT Security Operations

• Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications, and cloud environments.
• Implement and manage intrusion detection/prevention systems (IDS/IPS) .
• Monitor, analyze, and mitigate vulnerabilities from external and internal security scans .
• Work with teams to remediate vulnerabilities and harden IT assets.

6. IT Security & Compliance Management

• Develop and enforce security policies, standards, and procedures .
• Implement Zero Trust Architecture and IAM policies .
• Conduct security awareness training and phishing simulations.
• Ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards .

Required Qualifications & Skills:

Technical Skills:

Firewall & Network Security: Palo Alto, Fortinet, Cisco ASA, Check Point

Microsoft Security Stack: Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance

Endpoint Security & EDR: Microsoft Defender, CrowdStrike, SentinelOne

WAF & Web Security: Imperva, AWS WAF, Akamai, Cloudflare

VAPT & Red Teaming: Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP

SIEM & Threat Intelligence: Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK

Cloud Security: Azure Security Center, AWS Security Hub, GCP Security Command Center

IAM & Zero Trust: Okta, Microsoft Entra ID, Conditional Access Policies, PAM

Dark Web & Brand Monitoring: Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence

Soft Skills:

• Strong analytical and problem-solving skills.
• Excellent communication and stakeholder management abilities.
• Ability to work independently and in cross-functional teams.
• Proactive security mindset with attention to detail.

Certifications (Preferred, but not mandatory):

️ CISSP – Certified Information Systems Security Professional

️ CEH – Certified Ethical Hacker

️ OSCP – Offensive Security Certified Professional

️ CISM/CISA – Certified Information Security Manager/Auditor

️ Microsoft Certified: Cybersecurity Architect (SC-100)

️ Microsoft Certified: Security Operations Analyst (SC-200)

️ Microsoft Certified: Information Protection Administrator (SC-400)

Experience Required:

• 5+ years of experience in IT Security, Cybersecurity, and Threat Intelligence .
• Hands-on expertise in firewall management, endpoint security, WAF, email security, and compliance .
• Strong experience in fraud investigation, dark web monitoring, and brand protection .
• Proven ability to secure cloud, hybrid, and on-premises environments .

Please send your profiles to

We are looking for a Security Engineer to join our cybersecurity team and strengthen redBus

defence against evolving cyber threats. This role involves monitoring, analysing, and responding

to security incidents while continuously improving our security framework. The ideal candidate

will have 7–10 years of experience in Security Operations, with deep expertise in Endpoint

Security, Network Security Controls, and Application/Data Security, hands-on experience with

relevant tools, and strong scripting skills.

Key Responsibilities:

• Monitor and analyse security events across endpoints, networks, cloud environments, and applications.
• Implement, manage, and optimize security controls using industry-leading security technologies.
• Ensure strong endpoint protection and proactively respond to vulnerabilities, incidents, and suspicious activities.
• Implement and manage CNAPP/DSPM solutions to identify, classify, and protect sensitive data across cloud and hybrid environments
• Manage and enhance email security to prevent phishing, malware, and other email-borne threats.
• Apply Zero Trust principles to strengthen access controls and identity security.
• Lead and support security incident detection, investigation, and remediation.
• Conduct application security assessments, including static (SAST) and dynamic (DAST) testing, to identify and remediate vulnerabilities.
• Collaborate with development teams to integrate security into the SDLC and promote secure coding practices.
• Develop and maintain security policies, procedures, and compliance documentation.
• Collaborate with IT, cloud, and product teams to improve the overall security posture.
• Automate security workflows and threat detection using Python, PowerShell, or Bash.
• Stay updated on emerging threats, vulnerabilities, and evolving security technologies.

Required Skills & Qualifications:

• 6–10 years of experience in cybersecurity, with a strong focus on endpoint, network, cloud,
• and application/data security.
• Hands-on expertise with:
• Endpoint Security: EDR, XDR, Incident Response, Malware Analysis, Threat Hunting
• Network Security: NAC, Firewalls, IDS/IPS, Network Segmentation, Zero Trust Access
• Cloud & Web Security: CNAPP, DSPM , CASB, Secure Web Gateway, DLP
• Application Security: SAST, DAST, API security testing, secure coding review, OWASP Top 10
• Email Security: Email analysis, authentication protocols, modern email threat defence, and
• threat intelligence integration
• Knowledge of security frameworks and compliance standards (NIST, ISO 27001, CIS, etc.).
• Experience in threat intelligence, vulnerability management, incident investigation, and
• application security risk assessment.
• Familiarity with SIEM platforms and log analysis techniques.
• Strong problem-solving skills, proactive learning attitude, and excellent communication/documentation capabilities.

Security Engineer: ( Microsoft Subject Matter Expert) : 

Fulltime Remote 

About the Role:

Do you want to be on the frontline fighting for safe use within the digital frontier? Does describing your job to your family and friends as being a cyberwarrior or threat hunter sound awesome or awe inspiring? Then join us as part of our Security Operations Center (SOC)

Engineering team as a Microsoft Services Subject Matter Expert (SME) supporting our frontline Threat Hunters. In addition, given the rapid changes within the Microsoft ecosystem you will also be working cross-functionally with Product Management and R&D Engineering to drive differentiation within our service as well with our Business Development team to help maintain the relationship with Microsoft.

While this role will have business responsibilities that will help you expand your career options, the primary day to day role is as a Security Engineer. As a Security Engineer, you will serve as a critical support system for the SOC. You will create, enhance, and tune alerts and detections so that the SOC can best defend our client's networks. Your goal will be to continually improve the detection and alerting that the SOC receives. In some cases, you will work directly with clients to ensure that they send us the most beneficial and important data. You will leverage our tech stack, elements of Microsoft and provide ongoing support both internally and externally. In short, you will be a critical member of the team using Microsoft Defender, Microsoft Sentinel, Microsoft Suite including Purview, Entra, Intune tools, the Pondurance SIEM and SOAR as well as other products and services to protect our clients in the ever-changing threat landscape.

Responsibilities:

 Stay on the forefront of the Microsoft ecosystem

 Drive security detection improvements

 Tune existing alerts and client data in our SIEM tooling for optimal performance.

 Identify workflow improvements and curate new automations through our SOAR platform

 Assist in continuous improvement efforts to evaluate detection and response capabilities

 Develop methods to detect potential threats

 Maintain the SOAR platform in support of day-to-day SOC activities

 Work with cross-functional teams to enhance detection capabilities

Qualifications:

 Strong understanding of tuning alerts and pertinent logs to aid in detecting threats

 Expert knowledge of Microsoft including, but not limited to Defender, Sentinel, Purview, Entra, and Intune

 Experience building data retrieval from the Microsoft security ecosystem

 Leveraging detection mechanisms within SIEMs and SOAR

 A strong understanding of cyber-attacks, MITRE ATT&CK framework, emerging threats and threat modelling as well as security research techniques

 Intermediate experience with Python, PowerShell, Bash or Go 

 Intermediate experience with IDS/IPS systems

Talents: 

 Ability to adjust and adapt in a fast pace and dynamic environment, including changes in responsibilities as the business evolves.

 Capacity for Synthesis: bring together disparate elements to create a coherent entity or a big-picture overview in order to gain a new perspective

 Applied Technical Thinking: apply specialized, theoretical knowledge to efficient operational uses

 Demonstrate strong composure with a balance of urgency and intensity, as well as focus

Security Engineer (L1/L2) : System Compliance and Identity & Access Management

Job Role

Position: Security Engineer (L1/L2) : System Compliance and Identity & Access Management

Work Location: Mumbai & Hyderabad

Educational Qualification: Bachelors degree in Engineering or equivalent

Work Experience: 4 Years 6 Years

Certification: Azure Security certification / GCP Security Certification / AWS Cloud Security Certification or similar certifications

Flexible on working hours and ready for 24/7 support model.

Knowledge & Skills

• Good knowledge in Security technologies of Azure or GCP or AWS or on-premises
• Identity and access management
• Working knowledge on IAM related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth
• Working knowledge on Windows AD, Windows ADFS, Windows AD Sites and Trusts
• Working knowledge on various identity providers such as Windows AD, Okta, Oracle, PingID
• Working knowledge of multi-Factor authentication and Privileged Access Management
• Good understanding of Identity Protection, Identity & Access Solution Migration
• System Compliance
• Working knowledge of one of the technology administration & patching like Windows, Unix, DB, MW, Others
• Hands-on experience with one or more configuration management systems such as Ansible, Chef, or Puppet
• Knowledge of vulnerability scoring systems (CVSS/CMSS)
• Good understanding of Windows and Unix administration & patching
• Work experience with vulnerability assessment tools like Qualys, Foundstone, Rapid7, Nessus and similar
• Working experience in Public / Private / Hybrid Cloud solutions and their best practices
• Hands on experience using the various cloud administration portal
• Hands-on with PowerShell, Python, or other scripting languages
• Knowledge on Cloud (Azure, GCP, AWS) Security concepts and technologies
• Provides remediation guidance and prepares management reports to track remediation activities.
• Knowledge in information security management, compliance principles, practices, laws, rules and regulations
• Strong understanding on Information technology systems and processes, network infrastructure, data architecture, data processes, and protocols
• Knowledge in cloud security standard frameworks, architecture, design, controls, technology solutions and service orchestration