A Platform Security Engineer performs security assessments of enterprise applications and technology platforms to confirm they are securely configured, properly integrated, and aligned with organizational security requirements. This role evaluates Software as a Service, commercial off-the-shelf, and internally hosted platforms to identify security risks beyond traditional vulnerability scanning and application code reviews. The role focuses on platform configuration security, access controls, integration security, data protection, logging, monitoring, and security hardening.
Work you'll do
As a Platform security Engineer on the Cyber Security team, you will be responsible for:
- Conduct security assessments of enterprise business platforms and data or analytics platforms to evaluate platform security configurations, access governance, and secure workflows
- Review solution designs, integrations, data flows, application programming interfaces, service accounts, and encryption controls to identify security risks across platform ecosystems
- Assess security settings, baseline configurations, hardening controls, audit logging, monitoring, alerting, retention, privileged roles, and segregation of duties
- Document findings, provide risk-based recommendations, track remediation activities, support exception reviews and compliance initiatives, and maintain assessment methodologies and platform-specific checklists
- Collaborate with application owners, platform administrators, architects, cloud teams, identity and access management teams, and project stakeholders to provide security guidance and present assessment results
The team
The Cyber Security team helps protect enterprise platforms, applications, and data by assessing security risks and strengthening control environments across the technology landscape. The team works with platform owners, architects, cloud teams, and business stakeholders to improve security posture, support secure implementations, and promote consistent security practices across enterprise services.
Location: Hyderabad
Shift Timings: 2 PM to 11 PM
Qualifications
Required:
- 5-7 years of experience in enterprise security, security assessment, platform security, governance, risk, and compliance, identity and access management, or security architecture
- Experience conducting security assessments of Software as a Service, commercial off-the-shelf, or internally hosted technology platforms
- Experience reviewing authentication, authorization, role-based access control, privileged access management, single sign-on, multifactor authentication, or federation configurations
- Experience assessing encryption controls for data at rest and data in transit, logging controls, monitoring controls, or platform hardening configurations
- Experience documenting security findings, assigning risk ratings, tracking remediation activities, and validating closure of identified issues
- Experience presenting assessment results to platform owners, technology leaders, or security governance stakeholders
Preferred:
- Experience assessing Salesforce, ServiceNow, SAP, SuccessFactors, SharePoint, OpenText, Siebel, Workday, or Microsoft 365 platforms
- Experience assessing Azure Databricks, Snowflake, Microsoft Fabric, Synapse Analytics, Tableau, or Power BI platforms
- Experience reviewing application programming interfaces, third-party integrations, or service account security configurations
- Experience with Center for Internet Security Benchmarks, Open Worldwide Application Security Project guidance, National Institute of Standards and Technology frameworks, or ISO/IEC 27001
- Experience supporting security exception reviews, compliance initiatives, or platform-specific review methodology development