Skip to main content
Posted 09 July, 2026

Algotale ( InCred ) - Information Security Engineer

Nexthire
Bengaluru, KA, IN Full Time
Reference: 859926a87be7a28d

Job Description

Role- Information Security Engineer

\n

Location- Bangalore Hybrid 2 Days Onsite

\n

Company- InCred

\n

Job Description

\n


\n %CF; Evaluating, Testing, and integrating security tools, standards, and associated processes as per the
\n security framework.
\n %CF; Identify, prioritize, and track security incidents and manage related platforms such as SIEM ( Wazuh
\n , Blusapphire, Qualys ) , DLP ( Email and Application), EDR and other security tools
\n %CF; Ability to run automated and manual scans on tools like - Burpsuite and Nessus Improving and
\n supporting application security tool deployments including static analysis and runtime testing tools.
\n %CF; Assist in creating and managing the framework for Information Security in alignment with
\n industry best practices (ISO 27001, NIST CSF, OWASP top 10)
\n %CF; Improve the cyber security program governance processes including cyber security risk
\n reporting (recommending new report formats, reporting technologies and collaborating with
\n team members to build-out reports/dashboards) and governance committee
\n %CF; Develop of cyber security standards, including incorporating industry practices and
\n applicable compliance requirements
\n %CF; Monitor and report compliance with cyber security standards and security rules of relevant
\n cyber security and regulatory privacy requirements
\n %CF; Improving and supporting application security tool deployments including static analysis and runtime
\n testing tools.
\n %CF; Create and manage process to guide development and testing teams on proactively finding
\n application security risks
\n %CF; Improving and maintaining secure development standards.
\n %CF; Supporting the application architecture/design review processes whenever application security
\n expertise is needed.
\n %CF; Oversee and improve third-party information security risk management programs to assess
\n risks associated with the usage of third-parties/vendors. Assist in 3rd party security due-
\n diligence reviews
\n %CF; Conduct periodic penetration testing services of application and Network related infrastructure.
\n Closure of open risks by actively following-up with stakeholders.
\n %CF; Assess application, design threat models, risk, document potential risk vectors, recommend relative
\n controls and ensure risk is addressed
\n %CF; Maintain security risk register to track the identified risks and produce metrics to report the state of
\n application security program and risk status.
\n %CF; Additional responsibilities to this role include:
\n %CB; Recommend cybersecurity assessment methodology and support purple team exercises
\n when required
\n %CB; Assessing cloud security risk (AWS, Google, and Azure) and recommending appropriate
\n security controls
\n %CF; Assist in imparting security awareness training and executing phishing simulation exercises
\n to employees.
\n %CF; Track and report security metrics to higher management on a regular basis
\n %CF; Define hardening standard for various technology and assess compliance levels
\n %CF; Identify, prioritize, and track security incidents and manage related platforms such as SIEM, DLP,
\n EDR and other security tools
\n %CF; Provide clear communication on the issue to application owners and verify the efficacy of
\n vulnerability remediation
\n %CF; Should have ability to drive VAPT engagements end to end for Web, Mobile and Infra with Internal
\n stakeholders and external agencies if required

\n

%CF; Basic understanding of regulatory requirements of Indian Fintech ecosystem like RBI, SEBI, NSE,
\n BSE others

\n


\n Key Areas: ISO 27001, security governance, evaluating and implementing security tools (SIEM, DLP,
\n endpoint protection), security reviews and assessment, preparation of security checklist, security
\n awareness/phishing simulation, cloud security, Application security.
\n Keywords in the line of priority - Information security , SOC (Security Operations centre), SIEM ,
\n Application security, Technical risk assessment, Cloud Security , Third party risk management, Security
\n reviews , Security checklist, Internal and external audits, Awareness trainings, RBI , ISO 27001, CEH,
\n Certifications: good to have - ISO 27001, CEH or CC ( Not Mandatory )

\n


\n Experience

\n


\n %CF; Should have 3-4 years of experience in the information security domain
\n %CF; Must have sound knowledge in security vulnerabilities, remediation and mitigation techniques.
\n %CF; Ability to document and explain technical details in a concise & understandable manner
\n %CF; Industry recognized certificates relevant to the roles such as CISM, CISSP, CISA, ISO 27001 LA ,
\n CEH and CC are desired
\n %CF; Ability to lead complex, cross-functional projects, and problem-solving initiatives.
\n %CF; Passionate about information security and update knowledge on daily basis to support the
\n organization
\n %CF; Candidates must have excellent verbal and written communication skills
\n %CF; Candidates must be able to explain all vulnerabilities and weaknesses in the OWASP Top 10, to
\n concerned stakeholders and discuss effective defensive techniques.
\n %CF; Familiarity with industry standards and regulations including RBI Master directionsPCI, ISO27001,
\n CIS, NIST is desired.
\n %CF; Good understanding of the Docker, Kubernetes, and security models
\n %CF; Fair understanding of public cloud models (e.g. AWS, Google, Microsoft Azure) and their security
\n implications
\n Skills:
\n %CF; Candidate should be a good team player
\n %CF; Should have good interpersonal skills
\n %CF; Good written communication skills including ability to develop process documentation and security
\n guidelines.
\n %CF; Ability to apply critical thinking and logic to a wide range of intellectual and practical problems
\n %CF; Ability to maintain composure under pressure and work calmly during an emergency
\n %CF; Ability to manage multiple tasks and schedules

Sign up for Job Alerts