Bestkaam Logo
Back to Jobs
ISECURION

Infrastructure & IT Security Engineer

Actively Reviewing

ISECURION

Bengaluru Full-Time 1–2 yrs exp Posted 6 hours ago  · Apply by Sep 14, 2026

Company Description:

ISECURION is a CERT-In empanelled and ISO 27001:2022 certified cybersecurity consulting company that helps organizations stay secure in a complex digital landscape. The team focuses on strengthening security posture, meeting compliance requirements, and building long-term cyber resilience for clients across industries. Services include Vulnerability Assessment & Penetration Testing (VAPT), compliance audits, cloud security, DFIR, risk assessments, and managed security services. ISECURION is known for its practical, business-focused approach that goes beyond identifying vulnerabilities to helping clients understand impact, prioritize remediation, and align with best practices and regulatory standards. The organization is driven by a team passionate about cybersecurity, research, innovation, and delivering meaningful security outcomes.


Role Description:

The Infrastructure & IT Security Engineer will be responsible for securing enterprise endpoints and network infrastructure, performing patch and vulnerability management, monitoring firewalls and SIEM platforms, conducting internal security assessments, and supporting audit and compliance activities. This role requires hands-on expertise in endpoint and network protection tools, vulnerability scanning, penetration testing, and threat mitigation.


Key Responsibilities:

 

  • Deploy, test, and manage Windows, Mac, and Linux OS patches and third-party updates using ManageEngine or equivalent tools; troubleshoot failed installations and resolve related system-level issues.
  • Monitor inbound email traffic to detect, analyze, and mitigate spam or phishing threats; investigate and respond to malware, phishing, and endpoint or network security incidents, including containment and incident reporting.
  • Manage application whitelisting and blacklisting as per organizational security policies using Trend Micro or similar endpoint protection solutions.
  • Regularly update antivirus templates and endpoint protection policies based on the latest threat intelligence.
  • Administer and monitor firewalls, VPNs, and network segmentation controls to safeguard enterprise infrastructure.
  • Support identity and access management (IAM) reviews, including privileged access and least-privilege enforcement.
  • Apply server and OS hardening standards (e.g., CIS benchmarks) across Linux and Windows infrastructure.
  • Conduct or support vulnerability scanning of internal and external infrastructure, servers, and endpoints using tools such as Nessus, Nmap, SSLScan, Metasploit, and Kali Linux utilities.
  • Perform or support web application penetration testing using tools like Burp Suite, Dirb, WPScan, and Amass.
  • Analyse, prioritize, and remediate vulnerabilities identified during VAPT (Vulnerability Assessment and Penetration Testing) activities.
  • Maintain and update an accurate IT asset inventory for patch management and security monitoring.
  • Document and maintain records of system configurations, security policies, and patch schedules.
  • Prepare and provide audit evidence and reports to support internal and external audit requirements, including ISO 27001/SOC 2 compliance activities.

Conduct internal security reviews, phishing simulations, and cybersecurity awareness sessions for employees.


Qualifications

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • 1-3 years of experience in IT Security, Infrastructure Security, Endpoint Management, or Vulnerability Management.
  • Hands-on experience with ManageEngine, Trend Micro, Nessus, Nmap, Burp Suite, and similar tools.
  • Working knowledge of firewalls, VPNs, and network security tools (e.g., Palo Alto, Fortinet, Cisco ASA).
  • Familiarity with tools like Manage Engine
  • Basic understanding of cloud security controls on AWS, Azure, or GCP.
  • Strong understanding of patch management, VAPT methodologies, and incident response.
  • Good knowledge of Windows, Linux, and Mac OS environments.
  • Basic scripting/automation skills (PowerShell, Python, or Bash) for reporting and repetitive tasks.
  • Familiarity with ITSM/ticketing tools such as ServiceNow or Jira.
  • Excellent troubleshooting, analytical, and documentation skills.
  • Familiarity with security frameworks such as ISO 27001, NIST, or CIS Controls.
  • Certifications such as CEH, Security+, CompTIA CySA+, OSCP, or Network+ would be an added advantage.


Key Attributes:

 

  • Strong problem-solving skills and attention to detail.
  • Ability to work independently and in a team environment.
  • Good communication and reporting skills.
  • Proactive in identifying and mitigating potential security risks.