RELX

Software Engineer III

RELX

full-time

Posted on:

Location Type: Hybrid

Location: Chennai • 🇮🇳 India

Visit company website
AI Apply
Apply

Job Level

Mid-LevelSenior

Tech Stack

AWSAzureCloudCyber SecurityDockerGrafanaJavaKubernetesMicroservicesPythonSpringSpring BootSpringBootTerraformVault

About the role

  • Secure and maintain microservice applications and CI/CD pipelines
  • Implement DevSecOps strategy in existing and new projects
  • Develop security controls to harden CI/CD pipelines and continuously improve application security posture
  • Conduct threat modeling and security design reviews for new projects
  • Work with development teams to remediate vulnerabilities in applications
  • Monitor security events using SIEM tools (Grafana, Loki, Azure Sentinel)
  • Investigate and respond to security incidents and alerts
  • Conduct root cause analysis and implement preventive measures
  • Maintain incident response playbooks, procedures and security documentation
  • Establish secure coding standards and provide developer training
  • Integrate security gates into release pipelines (Dev → Non-Prod → Prod)

Requirements

  • 4+ years in Application Security, DevSecOps, or Software Engineering with demonstrated security focus
  • 3+ years securing cloud environments (Azure preferred, AWS acceptable, multi-cloud experience a plus)
  • B.Sc. in Computer Science, Engineering, Cybersecurity, or equivalent practical experience with demonstrable security expertise (certifications, portfolio, contributions)
  • Deep understanding of OWASP Top 10 and common vulnerability classes (injection, XSS, CSRF, etc.)
  • Working knowledge of security frameworks: NIST Cybersecurity Framework, CIS Benchmarks, MITRE ATT&CK
  • Strong grasp of the Secure Software Development Lifecycle (SSDLC) and security integration points
  • Understanding of common exploitation techniques and mitigation strategies
  • Experience with cloud IAM, network security groups, VPNs, and security policies
  • Knowledge of encryption standards, key management, and secrets handling (Azure Key Vault, AWS Secrets Manager, HashiCorp Vault, Akeyless)
  • Understanding of container security best practices (Docker, Kubernetes)
  • Familiarity with infrastructure as code security (Terraform, ARM templates)
  • Ability to read and review Java code for security vulnerabilities
  • Understanding of API security best practices (authentication, authorization, rate limiting, input validation)
  • Knowledge of authentication/authorization mechanisms (OAuth 2.0, SAML, JWT, OpenID Connect)
  • Experience with microservices security patterns (service mesh, mutual TLS, zero trust)
  • Familiarity with Spring Boot framework security features (Spring Security, etc.)
  • Strong proficiency with CI/CD security: GitHub, GitHub Actions
  • Experience integrating security tools into build pipelines (SAST, DAST, dependency scanning)
  • Proficiency with Git for version control and secure development workflows
  • Hands-on experience with security testing tools: Required: Web app security testing (Burp Suite, OWASP ZAP, or equivalent)
  • Preferred: Network analysis (Wireshark, tcpdump), port scanning (Nmap), vulnerability scanning
  • Understanding of dependency scanning and software composition analysis (Dependabot, Snyk, etc.)
  • Experience with logging and SIEM platforms for security monitoring (we use Grafana, Loki, Azure Sentinel)
  • Ability to create security dashboards and alerts
  • Familiarity with log analysis and threat hunting techniques
  • Proficiency in at least one scripting language: Python, Bash, or PowerShell
  • Experience automating security testing, compliance checks, or vulnerability management
  • Strong communication skills, ability to explain security vulnerabilities and risks to both technical and non-technical audiences
  • Thrive in a distributed/remote team environment with minimal supervision
  • Stay current with emerging threats, vulnerabilities, and security best practices
  • Security certifications (CISSP, CEH, OSCP, Azure Security Engineer Associate)
  • Experience in insurance, financial services, or regulated industries
  • Knowledge of data privacy regulations and PII/PHI handling
  • Experience with Power BI security and row-level security (RLS)
  • Background in penetration testing or red team operations
  • Contributions to open-source security projects
Benefits
  • Competitive salary
  • Flexible work hours
  • Professional development budget
  • Home office setup allowance
  • Global team events

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
Application SecurityDevSecOpsCI/CD pipelinesOWASP Top 10Secure Software Development LifecycleAPI securitymicroservices securitysecurity testing toolsscripting languagesencryption standards
Soft skills
strong communication skillsability to explain security vulnerabilitiesthrive in a distributed team environmentminimal supervisionroot cause analysispreventive measures implementationdeveloper trainingsecurity documentation maintenanceincident responsethreat modeling
Certifications
CISSPCEHOSCPAzure Security Engineer Associate
Fiserv

Tech Lead, Software Development Engineering

Fiserv
Seniorfull-time🇮🇳 India
Posted: 9 days agoSource: fiserv.wd5.myworkdayjobs.com
AWSCloudJavaJUnitKafkaMavenMicroservicesMockitoMySQLOracleRedisSpring+3 more
Fiserv

Software Development Engineer

Fiserv
Mid · Seniorfull-time🇮🇳 India
Posted: 9 days agoSource: fiserv.wd5.myworkdayjobs.com
AWSCloudJavaJUnitKafkaMavenMicroservicesMockitoMySQLOracleRedisSpring+3 more
Particleblack

Full Stack Engineer

Particleblack
Mid · Seniorfull-time🇮🇳 India
Posted: 10 days agoSource: join.com
AngularJavaScriptNode.js
PDI Technologies

Software Engineer III

PDI Technologies
Mid · Seniorfull-time🇮🇳 India
Posted: 14 days agoSource: jobs.lever.co
JavaScriptNode.jsPostgresReactTypeScript