Search by job, company or skills

Quantanite

DevSecOps Engineer Cloud & AI Security

Save
  • Posted 14 hours ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Senior Azure AI Security Engineer

Location: Thane / Mumbai, India

Start Date: ASAP

Reporting to: Technical Project Manager

About Quantanite

Quantanite is a customer experience & digital outsourcing solutions company helping fast-growing businesses & global brands transform operations through intelligent automation, GenAI, & exceptional people.

About the Role

We are seeking a Senior Azure AI Security Engineer to lead hands-on security implementation across Quantanite's application, cloud, & AI infrastructure estate.

As we build & deploy AI-powered platforms on Azure, this role will ensure security is embedded across the development lifecycle, deployment pipelines, & infrastructure design. You'll design, implement, & continuously improve controls across software, data, cloud, & AI layers.

This is an engineering-first role for a practitioner who can threat-model AI systems, harden Kubernetes & Azure environments, build secure CI/CD pipelines, & guide engineering teams on secure coding practices.

Key Responsibilities

1. Application & Software Security

  • Embed security controls throughout the software development lifecycle (SDLC) — from design reviews & threat modelling to code scanning, testing, & post-deployment monitoring.
  • Implement & manage SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), & SCA (Software Composition Analysis) tooling within CI/CD pipelines.
  • Define & enforce secure coding standards & conduct security-focused code reviews across application teams.
  • Implement & manage secrets management, certificate lifecycle management, & key rotation practices.
  • Design & enforce authentication & authorisation frameworks: OAuth 2.0, OIDC, RBAC, & least-privilege access patterns across applications.
  • Own vulnerability assessment & remediation across application components — identifying, prioritising, & tracking fixes to closure.
  • Implement & maintain Web Application Firewall (WAF) rules, API security gateways, & input validation controls.

2. AI Security Controls

  • Define & implement security controls specific to AI/ML systems: model access controls, prompt injection defences, adversarial input handling, & output validation.
  • Implement data security for AI pipelines — including per-tenant data isolation, encryption-at-rest & in-transit (AES-256, TLS 1.3/mTLS), & secure data ingestion from external client sources.
  • Design & enforce data governance controls for AI training & inference environments: data lineage, access logging, & retention policy enforcement.
  • Assess & mitigate risks specific to LLM & GenAI deployments: model inversion attacks, data leakage through model outputs, jailbreak vectors, & supply chain risks in AI frameworks.
  • Establish security review processes for AI model deployment, including model signing, registry security, & inference endpoint hardening.
  • Collaborate with AI/ML engineers to ensure RAG pipelines, vector databases, & agentic workflows are built with security-first design principles.
  • Stay current with evolving AI security standards & frameworks (e.g. OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF) & translate these into actionable controls.

3. Azure Cloud Infrastructure Security

  • Design & implement a secure Azure landing zone: VNet architecture, Network Security Groups (NSGs), Azure Firewall, Private Endpoints, & subnet segmentation.
  • Implement & manage Azure Security Centre / Microsoft Defender for Cloud — continuously monitoring posture, alerts, & compliance scores.
  • Harden Azure PaaS services: Azure App Service, Azure Kubernetes Service (AKS), Azure Container Registry, Azure API Management, Azure SQL, & Azure Data Lake Storage.
  • Manage Azure Active Directory / Entra ID: Conditional Access policies, Privileged Identity Management (PIM), managed identities, & service principal governance.
  • Implement & maintain Azure Key Vault for secrets, certificates, & encryption key management across all environments.
  • Design & enforce Infrastructure as Code (IaC) security practices — security policy-as-code, automated scanning of Terraform/Bicep/ARM templates, & drift detection.
  • Establish cloud security posture management (CSPM) processes & remediation workflows for misconfigurations & policy violations.
  • Design & implement DDoS protection, rate limiting, & bot mitigation controls at the network & application layers.

4. DevSecOps Pipeline & Automation

  • Build & maintain security gates within CI/CD pipelines (Azure DevOps / GitHub Actions) — integrating security scanning, compliance checks, & automated approval workflows.
  • Implement container security scanning (image vulnerability scanning, runtime security) for Docker & Kubernetes workloads.
  • Automate security compliance checks & reporting against standards including ISO 27001, SOC 2, & GDPR using Azure Policy & custom automation.
  • Establish security monitoring, alerting, & incident response pipelines using Azure Monitor, Microsoft Sentinel (SIEM), & Log Analytics.
  • Define & test incident response runbooks for cloud & application security events, including breach containment & recovery procedures.

5. Governance, Compliance & Collaboration

  • Conduct regular vulnerability assessments & penetration testing — managing external testing engagements & remediating findings.
  • Provide technical security inputs for client due diligence, RFP responses, & compliance audit evidence (ISO 27001, SOC 2, GDPR, client-specific requirements).
  • Work closely with the InfoSec Leader on aligning technical controls with the organisation's information security policy framework.
  • Act as a security advisor & enabler to engineering teams — running secure design workshops, threat modelling sessions, & developer security awareness training.
  • Maintain security documentation: architecture decision records, control evidence, risk registers, & remediation tracking.

Required Skills & Qualifications

Education & Experience

  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 5–8 years of experience in a DevSecOps, Cloud Security, or Application Security engineering role.
  • Demonstrable hands-on experience across both application security & cloud infrastructure security.
  • Prior experience in a security role supporting AI/ML or data-intensive platforms is a strong advantage.

Application & AI Security

  • Proficiency with SAST/DAST/SCA tools: Snyk, Checkmarx, OWASP ZAP, or equivalent.
  • Strong understanding of OWASP Top 10 (web), OWASP API Security Top 10, & OWASP LLM Top 10.
  • Hands-on experience with secrets management tools: Azure Key Vault, or equivalent.
  • Experience securing APIs: authentication (OAuth 2.0, API keys, mTLS), rate limiting, input validation, & API gateway configuration.
  • Understanding of AI/ML security risks — prompt injection, data poisoning, model exfiltration, & adversarial attacks & practical mitigation approaches.
  • Familiarity with data encryption standards: AES-256 encryption at rest, TLS 1.3 & mTLS in transit, envelope encryption, & key management.

Azure Cloud Security

  • Hands-on expertise with Azure security services: Microsoft Defender for Cloud, Microsoft Sentinel, Azure Firewall, Azure DDoS Protection, Azure Policy, Azure Key Vault.
  • Strong working knowledge of Azure networking security: VNets, NSGs, UDRs, Private Endpoints, Application Gateway with WAF, Azure Front Door.
  • Experience hardening Azure PaaS services & AKS (Kubernetes) workloads, including pod security, network policies, & image scanning.
  • Proficiency with Azure Active Directory / Entra ID: Conditional Access, PIM, managed identities, & RBAC.
  • Cloud security benchmarks: CIS Azure Foundations, Microsoft Cloud Security Benchmark (MCSB).

DevSecOps & Infrastructure as Code

  • Experience building security into CI/CD pipelines using Azure DevOps or GitHub Actions.
  • Proficiency with Infrastructure as Code tools: Terraform, Bicep, or ARM — including IaC security scanning.
  • Scripting skills in Python, PowerShell, or Bash for automation of security tasks & compliance checks.
  • Experience with container security: Docker image hardening, Kubernetes security policies, container runtime protection.
  • Familiarity with Git-based workflows, branch protection, signed commits, & dependency security management

Preferred Experience

  • Relevant security certifications: AZ-500 (Azure Security Engineer), SC-200 (Security Operations Analyst), CISSP, CEH, OSCP, or equivalent.
  • Experience working in a BPO, contact centre, or digital services environment handling client data under strict confidentiality requirements.
  • Familiarity with multi-tenant SaaS security architecture — per-tenant data isolation, encryption key segregation, & audit logging.
  • Experience preparing for & supporting external security audits & penetration testing engagements.
  • Familiarity with regulatory frameworks relevant to BPO & data processing: GDPR, CCPA, ISO 27001, SOC 2 Type II.
  • Exposure to AI governance frameworks such as NIST AI RMF or MITRE ATLAS.
  • Experience with SIEM platforms: Microsoft Sentinel, Splunk, or equivalent — including custom detection rule authoring.

Soft Skills

  • Strong analytical & problem-solving skills — comfortable owning security issues from discovery through to remediation.
  • Excellent communication skills: able to articulate security risks & controls clearly to both technical & non-technical stakeholders.
  • Collaborative & advisory mindset
  • High ownership, proactive, & delivery-focused
  • Ability to work effectively in a fast-paced environment where technology stacks & threats evolve rapidly.
  • High personal resilience & achievement orientation.

Benefits & Development

At Quantanite, we offer a flexible & engaging work environment, development opportunities, regular team events, & a culture shaped by our Purpose & Values. You'll have a personal development plan & manager support to help you grow in the areas that matter to you, & . As our organisation continues to expand, you'll also have opportunities to progress internally.

If you're looking for a career full of purpose & potential, we'd love to hear from you.

More Info

Job Type:
Industry:
Employment Type:

About Company

Job ID: 151077471