{"schemaVersion":"jobsearcher.job.v1","id":"da65e29cca6c8c8fda3f73c4","url":"https://jobsearcher.com/jobs/da65e29cca6c8c8fda3f73c4","canonicalUrl":"https://jobsearcher.com/jobs/da65e29cca6c8c8fda3f73c4","title":"Information Security Engineer","description":"Ultrahuman | Information Security Engineer\r\nLocation: Remote / Bangalore\r\nAbout the Role\r\nUltrahuman is looking for an Information Security Engineer to own and scale our security posture end-to-end. This critical role is responsible for the overall security of our systems, with a core focus on data and application security.\r\nWe seek a hands-on engineer who can architect robust security defenses, manage risk, and drive security-focused initiatives across product and engineering teams. This role requires excellent problem-solving ability, a strong ownership mindset, and expertise in creating a secure-by-design environment.\r\nWhat You will Do\r\nBe in charge of data and app security, ensuring comprehensive protection for sensitive user data, intellectual property, and production applications.\r\nDesign, build, and maintain continuous security monitoring and automation pipelines (SecDevOps) to run periodic security scans against infrastructure and application code.\r\nReview, analyze, and triage the outcomes of security scans, vulnerability assessments, and penetration tests, and manage the remediation lifecycle, especially for critical and high-severity findings.\r\nActively help in various audits and compliances (e.g., ISO27001, GDPR, HIPAA, SOC2, or other industry standards), ensuring all security controls meet regulatory and contractual protections.\r\nIntroduce and enforce security best practices across all engineering functions, including secure coding standards, data encryption (in transit and at rest), and secure configuration management.\r\nPerform internal code audits from time to time and security design reviews on core systems to proactively discover hidden vulnerabilities and verify that key security controls are implemented correctly.\r\nDevelop and integrate security controls into the software development lifecycle (SDLC) to prevent security issues from reaching production environments.\r\nConfigure and monitor security log events data, usage anomaly detection, and other telemetry to quickly identify suspicious or unauthorized activity.\r\nParticipate in the security incident response program, contributing to the proactive detection, containment, and analysis of security incidents.\r\nEvaluate and manage security risks associated with third-party vendors and applications, including conducting security questionnaires and reviewing third-party penetration testing reports.\r\nWhat Were Looking For\r\n4-6 years of experience in an Information Security, Application Security (AppSec), or Data Security role.\r\nProven hands-on experience in implementing security controls for cloud platforms (e.g., AWS, GCP, Azure).\r\nStrong practical knowledge of at least one scripting language (e.g., Python) for building security tooling and automation.\r\nDeep expertise in web application security, mobile application security, and common vulnerability frameworks (e.g., OWASP Top10).\r\nExperience with compliance frameworks (e.g., ISO27001, SOC2, HIPAA, GDPR) and managing audit processes.\r\nHands-on experience configuring and analyzing output from security testing tools (SAST, DAST, vulnerability scanners).\r\nFamiliarity with security information and event management (SIEM) systems and leveraging log data for security monitoring.\r\nStrong ownership mindset and ability to work independently in a fast-paced environment.\r\nCore Skills Information Security, Application Security (AppSec), Cloud Security, Data Security, Security Automation (SecDevOps), Compliance & Auditing, Vulnerability Management, Python, Penetration Testing, IAM/Access Control\r\nJ-18808-Ljbffr","company":"Interviewpanel","rawCompany":"interviewpanel","city":"New York","state":"NY","isRemote":false,"isActive":false,"createdAt":"2026-05-23T06:48:25.866Z","occupations":[{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"},{"code":"15-1212.00","title":"Information Security Analysts","slug":"information-security-analysts"},{"code":"15-1299.08","title":"Computer Systems Engineers/Architects","slug":"computer-systems-engineers-architects"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"541511","title":"Custom Computer Programming Services","slug":"custom-computer-programming-services"},{"code":"513210","title":"Software Publishers","slug":"software-publishers"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"Information Security Engineer","description":"Ultrahuman | Information Security Engineer\r\nLocation: Remote / Bangalore\r\nAbout the Role\r\nUltrahuman is looking for an Information Security Engineer to own and scale our security posture end-to-end. This critical role is responsible for the overall security of our systems, with a core focus on data and application security.\r\nWe seek a hands-on engineer who can architect robust security defenses, manage risk, and drive security-focused initiatives across product and engineering teams. This role requires excellent problem-solving ability, a strong ownership mindset, and expertise in creating a secure-by-design environment.\r\nWhat You will Do\r\nBe in charge of data and app security, ensuring comprehensive protection for sensitive user data, intellectual property, and production applications.\r\nDesign, build, and maintain continuous security monitoring and automation pipelines (SecDevOps) to run periodic security scans against infrastructure and application code.\r\nReview, analyze, and triage the outcomes of security scans, vulnerability assessments, and penetration tests, and manage the remediation lifecycle, especially for critical and high-severity findings.\r\nActively help in various audits and compliances (e.g., ISO27001, GDPR, HIPAA, SOC2, or other industry standards), ensuring all security controls meet regulatory and contractual protections.\r\nIntroduce and enforce security best practices across all engineering functions, including secure coding standards, data encryption (in transit and at rest), and secure configuration management.\r\nPerform internal code audits from time to time and security design reviews on core systems to proactively discover hidden vulnerabilities and verify that key security controls are implemented correctly.\r\nDevelop and integrate security controls into the software development lifecycle (SDLC) to prevent security issues from reaching production environments.\r\nConfigure and monitor security log events data, usage anomaly detection, and other telemetry to quickly identify suspicious or unauthorized activity.\r\nParticipate in the security incident response program, contributing to the proactive detection, containment, and analysis of security incidents.\r\nEvaluate and manage security risks associated with third-party vendors and applications, including conducting security questionnaires and reviewing third-party penetration testing reports.\r\nWhat Were Looking For\r\n4-6 years of experience in an Information Security, Application Security (AppSec), or Data Security role.\r\nProven hands-on experience in implementing security controls for cloud platforms (e.g., AWS, GCP, Azure).\r\nStrong practical knowledge of at least one scripting language (e.g., Python) for building security tooling and automation.\r\nDeep expertise in web application security, mobile application security, and common vulnerability frameworks (e.g., OWASP Top10).\r\nExperience with compliance frameworks (e.g., ISO27001, SOC2, HIPAA, GDPR) and managing audit processes.\r\nHands-on experience configuring and analyzing output from security testing tools (SAST, DAST, vulnerability scanners).\r\nFamiliarity with security information and event management (SIEM) systems and leveraging log data for security monitoring.\r\nStrong ownership mindset and ability to work independently in a fast-paced environment.\r\nCore Skills Information Security, Application Security (AppSec), Cloud Security, Data Security, Security Automation (SecDevOps), Compliance & Auditing, Vulnerability Management, Python, Penetration Testing, IAM/Access Control\r\nJ-18808-Ljbffr","datePosted":"2026-05-23T06:48:25.866Z","dateModified":"2026-05-23T06:48:25.866Z","hiringOrganization":{"@type":"Organization","name":"Interviewpanel","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"New York","addressRegion":"NY","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"da65e29cca6c8c8fda3f73c4"},"url":"https://jobsearcher.com/jobs/da65e29cca6c8c8fda3f73c4"}}