Back to Jobs
Security Operations Engineer
Actively Reviewing
Guidewire Software
Job Description
Summary
Guidewire is seeking a hands-on Security Operations Engineer to join our Professional Services AI Engineering team in Bangalore. You will be the single owner of security implementation across our internal AI Engineering platform and the AI productization projects it supports.
This is an execution-focused security role with real input into security strategy. You partner with Product to shape security guidance and own its correct implementation across our infrastructure, applications, and developer workflows — knowing when a decision belongs at the policy level and escalating it accordingly. You will pair closely with the Platform Architect and Strike Team developers to bake security into every layer of the system.
Job Description
Key Responsibilities
– Hands-on experience with AWS Cognito, IAM, KMS, and Secrets Manager.
– Strong backend development skills (Python, Java, or TypeScript) — this is a hands-on engineering role, not a pure advisory one.
– Working knowledge of common compliance frameworks (SOC 2, ISO 27001, GDPR) and how to translate them into engineering controls.
– Familiarity with secure CI/CD patterns and supply-chain security (SBOM, dependency scanning).
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 540+ insurers in 40 countries, from new ventures to the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1600+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of applications that accelerate integration, localization, and innovation.
For more information, please visit www.guidewire.com and follow us on Twitter: @Guidewire_PandC.
Guidewire Software, Inc. is proud to be an equal opportunity and affirmative action employer. We are committed to an inclusive workplace, and believe that a diversity of perspectives, abilities, and cultures is a key to our success. Qualified applicants will receive consideration without regard to race, color, ancestry, religion, sex, national origin, citizenship, marital status, age, sexual orientation, gender identity, gender expression, veteran status, or disability. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.
Guidewire is seeking a hands-on Security Operations Engineer to join our Professional Services AI Engineering team in Bangalore. You will be the single owner of security implementation across our internal AI Engineering platform and the AI productization projects it supports.
This is an execution-focused security role with real input into security strategy. You partner with Product to shape security guidance and own its correct implementation across our infrastructure, applications, and developer workflows — knowing when a decision belongs at the policy level and escalating it accordingly. You will pair closely with the Platform Architect and Strike Team developers to bake security into every layer of the system.
Job Description
Key Responsibilities
- Authentication: Stand up and operate authentication flows across all Strike Team projects — JWT, AWS Cognito, SSO integrations, and machine-to-machine auth patterns.
- Authorization & Access Controls: Implement role-based and attribute-based access control patterns. Maintain a reusable authorization library that Strike Teams consume rather than rebuild.
- Compliance Implementation: Translate compliance requirements (SOC 2, regional data privacy, customer-driven controls) into concrete technical controls — encryption, key management, audit logging, data residency.
- IP & Network Controls: Implement IP restrictions, VPC-level network segmentation, and traffic policies that protect customer data without blocking legitimate Strike Team workflows.
- Security Patterns Library: Build and maintain a library of vetted security components (auth middleware, secret management helpers, audit log clients) that every Strike Team uses by default.
- Security Reviews & Audit Support: Review Strike Team designs for security gaps, support customer audits, and partner with the QA Architect on security-focused testing standards.
- Security controls implemented across all Strike Team projects (auth, authz, encryption, audit logging) with no critical gaps.
- Reusable security library adoption — share of teams consuming vetted components rather than rebuilding.
- Compliance readiness: SOC 2 and data-privacy controls in place; successful customer audit support.
- Time-to-remediate security findings within SLA.
- Zero preventable authentication or access-control incidents.
- Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related technical field.
- Experience: 8+ years of software engineering experience with a strong focus on security implementation — auth systems, compliance controls, or platform security.
- Technical Proficiency:
– Hands-on experience with AWS Cognito, IAM, KMS, and Secrets Manager.
– Strong backend development skills (Python, Java, or TypeScript) — this is a hands-on engineering role, not a pure advisory one.
– Working knowledge of common compliance frameworks (SOC 2, ISO 27001, GDPR) and how to translate them into engineering controls.
– Familiarity with secure CI/CD patterns and supply-chain security (SBOM, dependency scanning).
- Engineering Excellence: Track record of shipping production-grade security components. Comfortable being a coding security engineer, not just a reviewer.
- Domain Context: (Preferred) Experience in regulated industries (insurance, finance, healthcare) or multi-tenant SaaS.
- AI Security: Experience securing LLM-based applications — prompt injection defenses, output filtering, model access controls.
- Cloud Security: AWS Security Specialty certification or equivalent.
- Guidewire Knowledge: Familiarity with Guidewire Cloud security model.
- Threat Modeling: Hands-on experience running threat modeling sessions for production systems.
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 540+ insurers in 40 countries, from new ventures to the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1600+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of applications that accelerate integration, localization, and innovation.
For more information, please visit www.guidewire.com and follow us on Twitter: @Guidewire_PandC.
Guidewire Software, Inc. is proud to be an equal opportunity and affirmative action employer. We are committed to an inclusive workplace, and believe that a diversity of perspectives, abilities, and cultures is a key to our success. Qualified applicants will receive consideration without regard to race, color, ancestry, religion, sex, national origin, citizenship, marital status, age, sexual orientation, gender identity, gender expression, veteran status, or disability. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.
Required Skills
Similar Jobs
View all →
Security Lead / Architect
National e-Governance Division
Delhi
Security Compliance
ISO 27001
OAuth 2.0
+17
Ripik AI - Engineering Manager - Backend Architecture
Ripik.AI
Noida
Spring Boot
REST API
Event-driven architecture
+28
Solutions Architect
OP
Solution architecture
REST API
Design patterns
+31
Senior Solutions Architect
Dodge Construction Network
Kochi
Event-driven architecture
Amazon EventBridge
Machine Learning
+34
Senior Lead, Support
Majesco
India
REST API
Event-driven architecture
Vertex AI
+30
Share
Quick Apply
Upload your resume to apply for this position
–