kAIgentic - Senior Development Engineer II, Security Operations

Bengaluru, Karnataka, India4w ago

In Office Senior APAC Fintech Cloud Computing Senior Software Engineer Security Engineer Python Kubernetes Move AWS GCP

Requirements

• 5+ years in security operations, detection and response, incident response, or threat hunting. This is not a GRC or audit role. • AI-native velocity as a default mode of working (mandatory). Comfortable using AI in day-to-day work to write detections, accelerate triage, draft incident artefacts, and move faster with judgment. • Strong Python or equivalent scripting skills for detection engineering, automation, and tooling. • Hands-on experience with at least one major cloud (AWS, Azure, or GCP) and its security primitives: IAM, KMS, GuardDuty / Defender, VPC, and audit logging. • Hands-on experience operating SIEM (Splunk, Sumo, Elastic, Panther, or similar), EDR (CrowdStrike, SentinelOne, Defender, or similar), and SOAR. • Proven track record of running real incidents to closure end to end, including communication under pressure. • Strong fundamentals: TCP/IP, TLS, OS internals, OAuth / OIDC, Kubernetes basics, and modern attack chains. • Calm under pressure. High-judgment, low-drama operator who improves the team’s composure rather than draining it. • Detection and response experience in regulated industries such as financial services, fintech, regtech, or healthcare. • Familiarity with AI-specific attack surfaces: prompt injection, model exfiltration, agent abuse, RAG poisoning, and tool-call misuse. • Purple-team or offensive security background (OSCP, GPEN, GCIH, or equivalent practical work). • GCFA, GCIH, GCDA, GCFR, OSDA, or equivalent SecOps certification. • Experience standing up or significantly maturing a SecOps function inside a startup. • What great looks like • Early win. You replace the noisiest, lowest-value detections with high-fidelity ones, and meaningfully shorten mean time to triage on the alert classes that matter most. • Early win. • In a year. You have built a measurably mature SecOps function. Detections cover the attack surfaces that matter, incident response is rehearsed and fast, AI-specific threats have first-class coverage, and our customers feel safer because of the work you do. • In a year.

Responsibilities

• Own end-to-end detection engineering across cloud (AWS, Azure, GCP), identity (Okta, Entra), endpoints, SaaS, and AI pipelines, including detections for prompt injection, model abuse, RAG poisoning, and tool-call misuse. • Run incident response end to end: triage, containment, eradication, recovery, customer communication, and the post-incident review that makes the next incident smaller. • Lead proactive threat hunting against high-value targets across infrastructure, identity, code repositories, secrets, and AI pipelines. • Tune and operate the SIEM, EDR, CSPM, and SOAR stack. Move noisy alerts to automated decisions and keep human judgment where it matters. • Build the SecOps automation layer in Python and SOAR playbooks: enrichments, response actions, evidence capture, ticketing, and customer notifications. • Operate vulnerability management end to end: prioritization, patch SLAs, exception handling, and validation. Hold engineering accountable for fixing what matters. • Run identity threat detection and response (ITDR), including session anomalies, OAuth abuse, MFA fatigue, and AI assistant or service-account token misuse. • Own the on-call rotation, incident drills, tabletops, and game days. Keep the muscle in shape across the team. • Partner with platform, infrastructure, and AI engineering teams to harden model, agent, and tool surfaces against new classes of attack and abuse. • Translate operational learnings into hardened controls, detections, and policies, and feed clean evidence into audit and customer trust workflows when needed. • Use AI fluently across detection authoring, alert triage, incident drafting, and threat enrichment to operate with higher leverage and tighter cycle times.

Benefits

• We are a global team of builders who thrive in ambiguity, care deeply about the customers we serve, and believe the intelligence layer is how enterprise work will be reshaped over the next decade. We are building the connective tissue that lets large companies operate with the speed of a startup and the trust of an institution. • We look for people who: • Combine technical excellence with genuine customer empathy. • Are entrepreneurial and energized by zero-to-one problems with no playbook. • Lead with ownership, integrity, and collaboration, not titles. • Want to help define a new category of enterprise AI, not just ship inside an existing one. • Working here means being surrounded by peers who challenge assumptions, celebrate progress, and build with both courage and care. • Life at kAIgentic • Life at kAIgentic • Intelligence layer at the core. You will be shaping the substrate that turns institutional knowledge into governed, production-grade operations. This is enterprise infrastructure with real consequences. • Innovation at enterprise scale. Startup velocity meets the depth, scale, and stakes of mission-critical, regulated environments. Both are non-negotiable. • Ownership from Day One. Your work directly shapes the product, the culture, and the outcomes our customers see. • Learning and growth. You will work alongside seasoned leaders from leading enterprises who have built and scaled global businesses. • A culture of trust. Psychological safety, transparent disagreement, and disciplined experimentation are how we operate, not slogans on a wall. • Global collaboration. Teams across Singapore, India, Japan, Europe, and the US, working as one. • A mission worth the effort. Building something the world has not seen before: anintelligence layer that helps enterprises continuously improve how they run.