Senior Security Engineer II

What is Contentstack? Contentstack is on a mission to deliver the world’s best digital experiences through a fusion of cutting-edge content management, customer data, personalization and AI technology. Iconic brands, such as AirFrance KLM, ASICS, Burberry, Mattel, Mitsubishi and Walmart, depend on the platform to rise above the noise in today's crowded digital markets and gain their competitive edge. Contentstack and its employees are dedicated to the customers and communities they serve. The company is recognized for its unmatched customer care and tradition of giving back globally through the Contentstack Cares program, including proud support of Pledge 1% and Girls Who Code. Learn more at www.contentstack.com . Who Are We? At Contentstack we are more than colleagues, we are a tribe. Our vision is to pursue equity among our communities, employees, partners, and customers. We are global-diverse yet close; distributed yet connected. We are dreamers and dreammakers who challenge the status quo. We do the right thing, even when no one is watching. We are curious trendspotters and brave trendsetters. Our mission is to make Contentstack indispensable for organizations to tell their stories and to connect with the people they care about through inspiring, modern experiences. We care deeply about our customers and the communities we serve. #OneTeamOneDream. Chalo, let’s go! About the Role We are seeking a highly experienced Senior Security Engineer II to join our team. As a member of our Cloud Security team, you will play a pivotal role in shaping our cloud defense strategy. This is an individual contributor role, you will function as a technical lead , acting as a subject matter expert for the broader engineering organization. You will be responsible for overseeing the security posture of our multi-cloud environment ( AWS, Azure, GCP ) and managing the tooling that keeps our infrastructure safe. You will act as the bridge between security leadership, the application security team, and the broader engineering organization, ensuring that security is designed into our solutions from day one. Contentstack is an AI-forward company, and we expect all candidates to bring practical experience using AI tools and technologies as a core part of how they work, learn, and drive impact. Key Responsibilities Cloud Posture & Tooling Management Multi-Cloud Oversight: Lead the effort to secure and monitor our footprint across AWS, Azure, and GCP, ensuring consistent security controls are applied regardless of the provider. Security Tooling Operations: Manage, tune, and optimize our security tooling stack. You will be the primary owner of our CrowdStrike deployment (CNAPP/CSPM) for monitoring misconfigurations and threat detection. API Security: Take ownership of our API security strategy by managing and monitoring Cequence . You will ensure our API estate is discovered, cataloged, and protected against abuse. Tool Evaluation: As the team grows, you will lead the evaluation and implementation of new security tools to replace or augment current solutions as business needs evolve. Architecture & Engineering Collaboration Security Architecture: Partner with Engineering teams during the design phase of new projects. You will review architectures to ensure new solutions are compatible with our security ecosystem and are designed with a "Security First" mindset. Shift-Left Initiatives: Work closely with the Application Security team to integrate security checks into CI/CD pipelines and monitor deployments. Vulnerability Management: Drive the remediation process for identified cloud and application issues, working with engineering owners to ensure critical vulnerabilities are addressed within established SLAs. Technical Leadership Mentorship: Act as a senior voice within the Cloud Security team, mentoring others and helping define technical standards and best practices. Incident Response: Serve as an escalation point for cloud-related security incidents, investigating alerts regarding attacks, compromises, or severe misconfigurations. Qualifications Required Experience 5-8 years of experience in Information Security, with at least 4 years dedicated to Cloud Security. Deep technical mastery of AWS , with a working proficiency in Azure and/or GCP . Proven experience implementing and managing CSPM/CNAPP tools (e.g., CrowdStrike, Wiz, Prisma Cloud) in a production environment. Experience with API Security tools (Cequence, Noname, Salt) or WAF technologies. Strong understanding of Infrastructure as Code (Terraform, CloudFormation) and how to secure it. Proficiency in at least one scripting language (Python, Go, or Bash) for automation and tooling integration. Experience working in an AI-forward environment, with demonstrated ability to use AI tools and technologies as a core part of day-to-day work, problem-solving, and continuous learning. Soft Skills & Attributes Influence without Authority: Ability to drive security adoption across Engineering teams through collaboration and technical expertise rather than mandate. Strategic Thinking: Ability to look beyond immediate alerts to identify systemic issues and architectural improvements. Communication: Excellent ability to translate complex security risks into actionable advice for developers and DevOps engineers. Preferred / Nice-to-Have Experience writing custom detection rules for cloud environments. Relevant certifications (AWS Certified Security - Specialty, Azure Security Engineer, CCSP). Experience transitioning from one security vendor to another (e.g., migrating CSPM tools). Experience: 5-8 years Location: Bangalore What Do We Offer? Interesting Work | We hire curious trendspotters and brave trendsetters. This is NOT your boring, routine, cushy, rest-and-vest corporate job. This is the “challenge yourself” role where you learn something new every day, never stop growing, and have fun while you’re doing it. Tribe Vibe | We are more than colleagues, we are a tribe. We have a strict “no a**hole policy” and enforce it diligently. This means we spend time together - with spontaneous office happy hours, organized outings, and community volunteer opportunities. We are a diverse and distributed team, but we like to stay connected. Bragging Rights | We are dreamers and dream makers. Our efforts pay off and we work with the most prestigious brands, from big-name retailers to airlines, to professional sports teams. Your contribution will make an impact with many of the most recognizable names in almost every industry including AirFrance KLM, ASICS, Burberry, Mattel, Mitsubishi, Walmart, and many more! One Team One Dream | This is one of our values, and it shows. We don’t believe in artificial hierarchies. If you’re part of the tribe, you have an opportunity to contribute. Your voice will be heard and you will also receive regular updates about the business and its performance. Which, btw, is through the roof, so it’s a great time to be joining… To review our Privacy Policy, please click here .