Senior Security Engineer (Kerala)

About the Role BluOcean Cyber is seeking a Senior Security Engineer to help design, build, and mature security programs across cloud, application, product, and SaaS environments. This role is ideal for a security professional with strong foundational experience across modern cloud and application security who can own processes end-to-end, drive accountability, and grow into deeper specialization across SaaS and SaaS Security Posture Management. You will partner with clients and internal teams to identify risk, implement security controls, improve visibility, and operationalize repeatable security processes. We are looking for someone who can combine strong technical judgment with practical execution: someone who can assess a problem, define the path forward, coordinate stakeholders, and see the work through to completion. What You'll Do
- Serve as a senior technical security engineer and consultant across cloud, application, product, and SaaS security engagements.
- Own security processes end-to-end, including assessment, prioritization, implementation, documentation, handoff, operationalization, and continuous improvement.
- Assess cloud and application environments to identify misconfigurations, insecure patterns, excessive permissions, control gaps, and opportunities to reduce risk.
- Support secure design and architecture reviews for cloud infrastructure, SaaS platforms, internal applications, product features, APIs, and integrations.
- Partner with engineering, product, IT, and security stakeholders to translate security requirements into practical, scalable solutions.
- Design and implement security controls across cloud platforms, identity systems, SaaS applications, CI/CD pipelines, APIs, and product environments.
- Support vulnerability management, threat modeling, secure configuration, access control, and risk remediation efforts.
- Help mature security governance, standards, reference architectures, and operational playbooks across client environments.
- Integrate security tooling with existing workflows, including SIEM, SOAR, ITSM, ticketing, cloud-native security tools, and SaaS security platforms.
- Create dashboards, reports, documentation, and executive-ready summaries that clearly communicate risk, progress, and accountability.
- Develop scripts, automations, or repeatable workflows to improve security visibility, remediation, evidence collection, and operational efficiency. What You'll Bring
- Required
- Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field, or equivalent practical experience.
- 5+ years of hands-on security experience, with meaningful exposure to cloud security, application security, product security, security engineering, or security operations.
- Strong working knowledge of cloud security concepts across AWS, Azure, or Google Cloud, including IAM, networking, logging, monitoring, encryption, secure configuration, and least privilege.
- Experience assessing and improving the security of applications, products, APIs, or cloud-hosted services.
- Ability to identify security gaps, prioritize risk, define remediation plans, and drive work through completion.
- Experience owning security processes end-to-end, including building repeatable workflows, documenting requirements, tracking accountability, and ensuring outcomes are delivered.
- Strong understanding of identity and access management, including SSO, IAM, MFA, least privilege, role design, and federation concepts such as SAML or OIDC.
- Working knowledge of common security frameworks and control models such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, CIS Benchmarks, or CSA CCM.
- Ability to collaborate with technical and non-technical stakeholders, including engineering, product, IT, security leadership, and client teams.
- Strong communication skills with the ability to explain security findings, tradeoffs, and recommendations clearly to both technical and executive audiences.
- High accountability, strong ownership mindset, and the ability to operate independently while knowing when to escalate or ask for input.
- Strong foundational security knowledge and curiosity, with the ability to learn new tools, platforms, and specialized domains quickly. What Sets You Apart
- Preferred
- Experience securing SaaS platforms such as Microsoft 365, Salesforce, Google Workspace, ServiceNow, Workday, GitHub, or similar enterprise SaaS applications.
- Hands-on experience with SaaS Security Posture Management tools such as AppOmni, Falcon Shield, Obsidian Security, Reco, DoControl, Normalyze, or similar platforms.
- Experience implementing, configuring, or operationalizing SSPM capabilities across enterprise SaaS environments.
- Experience with SaaS-to-SaaS integrations, OAuth applications, API permissions, third-party access, and identity-centric SaaS risk.
- Experience with secure SDLC, DevSecOps, CI/CD security, infrastructure-as-code security, container security, or cloud-native application protection.
- Proficiency with scripting or automation using Python, PowerShell, Bash, or APIs.
- Experience building security metrics, dashboards, control monitoring, evidence collection, or audit-readiness workflows.
- Experience working in consulting, client-facing security roles, or environments requiring robust stakeholder management.
- Relevant certifications such as CCSP, CCSK, CISSP, AWS Security Specialty, Azure Security Engineer, GCP Security Engineer, CSSP, or similar credentials. Join BluOcean and be at the forefront of the SaaS security revolution. Here, you're not just consulting; you're leading the mission to transform how the world secures its SaaS landscape. If you are passionate about building resilient, posture-managed SaaS environments and have the deep SSPM expertise to back it up, we need you on our team. Ready to lead from the front? Apply now. Apply on Kit Job: kitjob.in/job/4mwjad