Taro Logo
Join Taro Premium

Software Engineer - I - DevSecOps

Plum

Plum is an employee insurance and health benefits platform focused on making health insurance simple, accessible and inclusive for modern organizations.
Bengaluru, Karnataka, India
Security
Entry-Level Software Engineer
In-Person
2+ years of experience
Finance · Healthcare

Description For Software Engineer - I - DevSecOps

Plum is an employee insurance and health benefits platform focused on making health insurance simple, accessible and inclusive for modern organizations. Healthcare in India is seeing a phenomenal shift with inflation in healthcare costs 3x that of general inflation. A majority of Indians are unable to afford health insurance on their own; and so as many as 600mn Indians will likely have to depend on employer-sponsored insurance.

Plum is on a mission to provide the highest quality insurance and healthcare to 10 million lives by FY2030, through companies that care. Plum is backed by Tiger Global and Peak XV Partners.

As a Software Engineer - I - DevSecOps at Plum, you will:

  • Perform security assessments and audits of our infrastructure, identifying and mitigating security gaps and weaknesses.
  • Use Terraform and other infrastructure as code tools, managing vulnerabilities, policies and implementing best practices.
  • Conduct in-depth security reviews of application code, working closely with developers to code securely from the outset and address issues early during coding and testing phases.
  • Work with SAST, SCA, and DAST, addressing real-world challenges in these areas.
  • Implement and manage security tools within the CI/CD pipeline, focusing on DevSecOps practices.
  • Monitor and analyse logs, events, and metrics to identify security incidents, potential breaches, and emerging threats.
  • Handle runtime security, image scanning, network security, access control, host OS hardening, and vulnerability management in the container lifecycle.
  • Develop and maintain incident response plans, procedures, and playbooks for effective handling of security incidents and breaches.
  • Design, implement, and maintain security measures for our cloud infrastructure, including VPCs, security groups, IAM roles, and access controls.
  • Maintain security hardening configurations and guidance for diverse services across AWS, GPC and other public cloud providers.

Join us in our mission to revolutionize health insurance and make a significant impact on millions of lives in India!

Last updated 2 months ago

Responsibilities For Software Engineer - I - DevSecOps

  • Perform security assessments and audits of our infrastructure, identifying and mitigating security gaps and weaknesses
  • Use Terraform and other infrastructure as code tools, managing vulnerabilities, policies and implementing best practices
  • Conduct in-depth security reviews of application code, working closely with developers to code securely
  • Work with SAST, SCA, and DAST, addressing real-world challenges
  • Implement and manage security tools within the CI/CD pipeline, focusing on DevSecOps practices
  • Monitor and analyse logs, events, and metrics to identify security incidents, potential breaches, and emerging threats
  • Handle runtime security, image scanning, network security, access control, host OS hardening, and vulnerability management in the container lifecycle
  • Develop and maintain incident response plans, procedures, and playbooks
  • Design, implement, and maintain security measures for cloud infrastructure
  • Maintain security hardening configurations and guidance for diverse cloud services

Requirements For Software Engineer - I - DevSecOps

  • 2+ years of Security Engineering experience preferably in AWS or GCP Cloud
  • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience)
  • Strong knowledge of security principles, best practices, and common vulnerabilities (e.g., OWASP Top 10)
  • Familiar with SAST, DAST, Fuzzing, and other tools
  • Experience with Wiz, Prisma Cloud, Jira, Confluence & Terraform / CloudFormation (Infrastructure as a code)
  • Familiarity with CI/CD tools such as GitHub Actions, Jenkins or CircleCI
  • Experience with security technologies, such as firewalls, IDS/IPS, SIEM, DLP, antivirus, and vulnerability scanners
  • Good understanding of cloud security architecture, security assessments, audit standards for the Cloud, security threats in the cloud
  • Solid understanding of network protocols, TCP/IP, and network security concepts
Interested in this job?

Jobs Related To Plum Software Engineer - I - DevSecOps

Ads Threat Intelligence Security Developer
Google

Security Developer role focusing on threat intelligence and protection of Google's advertising ecosystem through security assessments and tool development.

Security Engineer, Infrastructure Protection
Google

Security Engineer position at Google focusing on infrastructure protection, security assessments, and vulnerability testing.

Security Software Engineer - Crypto Services, Enterprise Systems
Apple

Security Software Engineer role at Apple focusing on developing cryptographic services for business-critical functions.

Associate Cyber Security Engineer
WorkWave

Entry-level Cyber Security Engineer position at WorkWave, focusing on security implementation and compliance management, offering remote work options and comprehensive benefits.

Ads Threat Intelligence Security Developer
Google

Entry-level Security Developer position at Google focusing on ads threat intelligence, requiring 1 year of security assessment and coding experience.

Taro Footer Icon
Taro Footer Logo
Explore CompaniesAmazonGoogleMetaMicrosoftNetflixApple
Explore Jobs By LevelEntry-Level Software Engineer JobsMid-Level Software Engineer JobsSenior Software Engineer JobsStaff Software Engineer Jobs
Explore TrendingLayoffsPerformance Improvement PlanSystem DesignInterpersonal CommunicationTech Lead
Explore Job InternshipsSoftware Engineering InternshipsGoogle InternshipsMeta InternshipsAmazon InternshipsApple InternshipsTesla InternshipsMicrosoft Internships
ProductBecome An AffiliateGreat DiscussionsPerksTopics
CompanyBlogPrivacy PolicyTerms & ConditionsSupport
Taro iOS appTaro Android app
LinkedIn IconTwitter IconYouTube Icon
Copyright © Taro