← back to jobs
> job detail
C
👽Other

Senior Cyber Defense Engineer – Data Protection

CME Group · Bangalore - Bagmane Tridib
// classified as
Other (Adjacent or hard to classify.)
posted
1d ago
location
Bangalore - Bagmane Tridib
languages
java, python, shell
tools
aws, azure, oracle
> stack
javapythonshellsqlawsazureoracleterraform
> education
ms
> description

This is a perfect opportunity for the right person to become a member of a cyber defense team in protecting the nation’s critical infrastructure. The Senior Cyber Defense Engineer will be a core member of the Data and Application Security engineering tower. This role will primarily focus on the Enterprise Data Protection program, with specific ownership over Database Activity Monitoring (DAM) and Imperva product suites (including Imperva Data Security Fabric, DAM, and WAF).

The role incorporates multiple technologies across data, web application, API protection, Data Loss Prevention (DLP), and AI Protection, while simultaneously driving data security compliance, risk management, and policy governance. The Senior Engineer is expected to work closely with teammates within cyber defense, database administration (DBA) teams, application development, internal/external audit groups, and business stakeholders to engineer, deploy, maintain, and optimize the global Imperva and data security infrastructure.

Position Responsibilities

  • Lead the installation, configuration, administration, and architectural engineering of Imperva platforms, including Imperva Data Security Fabric (DSF), Database Activity Monitoring (DAM), and Web Application Firewalls (WAF).

  • Develop, optimize, and manage Imperva DAM security policies, audit rules, custom assessment tests, and classification criteria to monitor sensitive enterprise databases and detect rogue activity, SQL injection, and unauthorized data access.

  • Manage WAF and API protection technologies (Imperva/WAAP) to ensure on-premises and cloud-hosted web applications are secured against OWASP Top 10 vulnerabilities, API abuse, and automated bot malicious activities.

  • Perform database vulnerability assessments and environment health checks; track system capacity, agent footprint stability, and gateway performance to guarantee operational readiness.

  • Manage AI Protection solutions (AI Prompt Jailbreak defense, AI Model protection) and DLP technologies including CASB SaaS and Email Security SaaS.

  • Use Infrastructure as Code (IaC) tools (e.g., Terraform, KCC) to automate the management and deployment of security rules in a CI/CD pipeline.

  • Coordinate the development, dissemination, and enforcement of information security policies, standards, and procedures in collaboration with IT departments and data custodians.

  • Conduct reviews and compliance audits to ensure the Global Information Security Operations Team conforms to policies, standards, laws, and regulations (e.g., GDPR, CCPA).

  • Investigate security alerts, handle data-centric incident responses, analyze Technology/Enterprise Computing controls, and perform ITIL Incident \ Problem tracking.

  • Engage closely with Internal Audit, Compliance, external auditors, and Enterprise Computing staff to ensure effective communication and reporting transparency for Global Information Security projects.

Position Requirements

  • A minimum of 5 years of dedicated engineering experience specializing in Imperva solutions (DSF, DAM, and WAF), including deep hands-on proficiency with rule creation, dashboard management, agent deployment, and reporting.

  • Minimum of 6 years of overall experience in information security, information technology, database administration, IT compliance, or IT Internal Audit.

  • Strong technical knowledge and understanding of major database platforms and operating systems, including Unix, Linux, Windows, Oracle, MS SQL, and relational/NoSQL data structures.

  • Working knowledge supporting commercial cloud provider environments (AWS, Azure, GCP) alongside cloud-native database architectures.

  • Working knowledge of Infrastructure as Code (IaC) tools such as Terraform and KCC.

  • Working knowledge with SIEM technologies, SSL Inspection, Access Control, Policy Management, and TCP/IP layer 3-7 networking structures.

  • Detailed understanding of Industry Security standards and Risk Management frameworks (e.g., ISO 27001/27002, NIST Cyber Security Framework, and ISMS implementations).

  • Excellent project management, written, and oral communication skills; ability to translate complex database security events into clear risk assessments for stakeholders.

  • Operating knowledge of ITIL processes (ITIL Certification a plus).

  • Knowledge of programming/scripting languages is a plus (e.g., Python, Java, SQL, Shell scripting).

Formal Education, Certifications and Competencies

  • BA/BS in Engineering, Computer Science, Information Security, Information Systems, or related work experience.

  • 5+ years of hands-on experience with cyber security application administration, database security operational practices, and risk management.

  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or equivalent certifications (or actively working towards them) is a plus.

CME Group: Where Futures are Made

CME Group is the world’s leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it – all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we’re looking for more.

At CME Group, we embrace our employees' unique experiences and skills to ensure that everyone’s perspectives are acknowledged and valued. As an equal-opportunity employer, we consider all potential employees without regard to any protected characteristic.

Important Notice: Recruitment fraud is on the rise, with scammers using misleading promises of job offers and interviews to solicit money and personal information from job seekers. CME Group adheres to established procedures designed to maintain trust, confidence and security throughout our recruitment process. Learn more here.