
Bureau · Bangalore
ABOUT BUREAU Bureau is a unified risk decisioning platform for Compliance, Fraud, and Transaction risks. Our platform is a single decision-making engine, power...
Bureau is a unified risk decisioning platform for Compliance, Fraud, and Transaction risks. Our platform is a single
decision-making engine, powered by a 1 billion+ identity knowledge graph. Over 150 Banks, fintechs, retailers, and digital
platforms use Bureau to verify identities faster and stop fraud earlier globally.
Bureau has raised $50M+ from renowned Silicon Valley and global investors including Sorenson Capital and PayPal Ventures and is
expanding rapidly from APAC to Americas, Europe, and beyond.
Bureau is building the infrastructure that makes digital identities and transactions safe and trustworthy for billions of people.
The mission is big, the problems are complex, and the impact is real.
We hire people who want that level of responsibility. People who move fast, build systems from scratch, and care deeply about
turning strategy into execution. If you want predictability or narrow scope, this won't be your place. If you want to shape how a
scaling global company operates—keep reading.
We are looking for a Security Engineer who can own both the hands-on technical security stack and our governance/compliance
programs.
What you’ll be doing
This is ideal for someone who doesn’t want to be only “checklist GRC” or only “pure blue-team”, but wants a blended role across
security engineering + GRC.Key Responsibilities
1. Cloud & Infrastructure Security (Hands-on)
with SIEM / alerting.
2. Vulnerability Management & Security Operations
3. Governance, Risk & Compliance (ISMS, Audits, DPDP)
4. Access, Asset & Control Assurance
What You’ll Bring
Preferred (Good to Have) / Willing to Learn
Who You Are
written down.
certifications) over the next few years.
About Zscaler Zscaler accelerates digital transformation to ensure our customers can be more agile, efficient, resilient, and secure. As an AI-forward enterprise, we are constantly pushing the envelope, leveraging the world’s largest security data lake to power our cloud-native Zero Trust Exchange platform. This innovation protects our customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Here, impact in your role matters more than title and trust is built on results. We say, impact over activity. We seek innovators who actively use AI to amplify their impact and who thrive in an environment where we leverage intelligent systems to stay ahead of evolving threats. We believe in transparency and value constructive, honest debate—we’re focused on getting to the best ideas, faster. We build high-performing teams that can make an impact quickly and with high quality. To do this, we are building a culture of execution centered on customer obsession, collaboration, ownership, and accountability. We value high-impact, high-accountability with a sense of urgency where you’re enabled to do your best work and embrace your potential. If you’re driven by purpose, thrive on solving complex challenges, and want to be part of the team that’s helping to secure the AI age, we invite you to bring your talents to Zscaler and help shape the future of cybersecurity. Role We are looking for a Principal Engineer, Vulnerability & Exposure Management to join our team. This is a hybrid role, reporting to the Senior Manager, Information Security Engineering in the Product Security department. This critical role helps modernize how we discover, prioritize, and reduce security exposure across infrastructure, cloud, applications, APIs, endpoints, containers, and internet-facing assets. As an individual contributor, you will operate both strategically and technically to define the operating model, build scalable workflows, influence engineering teams, and dive deep into findings, coverage gaps, scanner limitations, and remediation paths with a strong builder mindset. What you’ll do (Role Expectations) * Lead comprehensive vulnerability and exposure management initiatives across infrastructure, cloud, APIs, and containers, evolving the function from a traditional reporting role into a high-leverage product security engineering capability * Define advanced, risk-based prioritization models that go beyond standard CVSS by integrating threat intelligence and business context, drastically reducing noise and duplicate findings for engineering teams * Design and deploy automated data pipelines, scripting, and workflow orchestration to streamline the entire lifecycle of asset discovery, authenticated scanning, triage, routing, and validation * Drive external attack surface management (EASM) to map internet-facing assets while aggressively identifying program gaps, including unauthenticated scans, stale asset ownership, and untracked exceptions * Collaborate directly with DevOps, IT, and Engineering teams to translate complex vulnerability data into practical technical guidance, durable infrastructure improvements, and leadership-ready performance metrics Who You Are (Success Profile) * You thrive in ambiguity. You're comfortable building the path as you walk it. You thrive in a dynamic environment, seeing ambiguity not as a hindrance, but as the raw material to build something meaningful. * You act like an owner. Your passion for the mission fuels your bias for action. You operate with integrity because you genuinely care about the outcome. True ownership involves leveraging dynamic range: the ability to navigate seamlessly between high-level strategy and hands-on execution. * You are a problem-solver. You love running towards the challenges because you are laser-focused on finding the solution, knowing that solving the hard problems delivers the biggest impact. * You are a high-trust collaborator. You are ambitious for the team, not just yourself. You embrace our challenge culture by giving and receiving ongoing feedback—knowing that candor delivered with clarity and respect is the truest form of teamwork and the fastest way to earn trust. * You are a learner. You have a true growth mindset and are obsessed with your own development, actively seeking feedback to become a better partner and a stronger teammate. You love what you do and you do it with purpose. What We’re Looking for (Minimum Qualifications) * Foundational understanding of AI/ML technologies and experience leveraging, securing, or positioning AI-driven solutions to optimize outcomes within your functional domain * 12+ years of experience in security engineering or product security, including 7+ years of hands-on experience driving and scaling vulnerability and exposure management programs within complex environments * Deep understanding of scanner mechanics (including authenticated/unauthenticated scanning, coverage gaps, and asset correlation) paired with proficiency in platforms like Tenable, Qualys, Wiz, CrowdStrike, or Burp Suite * Practical experience implementing risk-based frameworks that leverage modern exploitability signals, threat intelligence, KEV, EPSS, and asset criticality to prioritize threats effectively * Hands-on automation capabilities using Python, PowerShell, APIs, data pipelines, or workflow orchestration platforms to eliminate manual operational overhead, combined with a proven ability to partner collaboratively with engineering teams to drive remediation and translate complex technical data into clear insights for senior leadership What Will Make You Stand Out (Preferred Qualifications) * Experience leveraging AI/ML technologies and advanced orchestration platforms to design intelligent, self-service triage, automated remediation routing, and predictive exposure analysis workflows * Extensive experience securing multi-cloud environments (AWS, Azure, GCP) and containerized architecture (Kubernetes), including image scanning, runtime security, and embedding security guardrails into CI/CD and DevSecOps pipelines * Proven track record in advanced vulnerability prioritization strategies (EASM, CTEM, and attack-path analysis) paired with the ability to integrate vulnerability data seamlessly into CMDBs, asset inventories, and ownership tracking systems #LI-Hybrid #LI-PM5 At Zscaler, we are committed to building a team that reflects the communities we serve and the customers we work with. We foster an inclusive environment that values all backgrounds and perspectives, emphasizing collaboration and belonging. Join us in our mission to make doing business seamless and secure. Our Benefits program is one of the most important ways we support our employees. Zscaler proudly offers comprehensive and inclusive benefits to meet the diverse needs of our employees and their families throughout their life stages, including: * Various health plans * Time off plans for vacation and sick time * Parental leave options * Retirement options * Education reimbursement * In-office perks, and more! Learn more about Zscaler's hybrid working model and benefits here. By applying for this role, you adhere to applicable laws, regulations, and Zscaler policies, including those related to security and privacy standards and guidelines. Zscaler is committed to providing equal employment opportunities to all individuals. We strive to create a workplace where employees are treated with respect and have the chance to succeed. All qualified applicants will be considered for employment without regard to race, color, religion, sex (including pregnancy or related medical conditions), age, national origin, sexual orientation, gender identity or expression, genetic information, disability status, protected veteran status, or any other characteristic protected by federal, state, or local laws. See more information by clicking on the Know Your Rights: Workplace Discrimination is Illegal link. Pay Transparency Zscaler complies with all applicable federal, state, and local pay transparency rules. Zscaler is committed to providing reasonable support (called accommodations or adjustments) in our recruiting processes for candidates who are differently abled, have long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support.
For over 20 years, Smartsheet has empowered teams to manage work seamlessly and scale solutions smarter. Now, in our most ambitious chapter yet, we are uniting human teams with AI agents. By orchestrating the work agents do best, automating manual tasks and uncovering insights at scale, we create the space for people to focus on what truly matters: judgment, creativity, and big thinking. That is magic at work, and it’s what we show up for every day. Automation is the key to creating highly reliable and secure large-scale software systems. Are you someone who engineers solutions to problems rather than simply fixing the same thing over and over again? Can you protect Smartsheet against attackers? We are looking for a Senior DevSecOps Engineer to join our global Security Operations team. In this critical role, you will be a leader in maturing our security and reliability posture by treating both as software engineering challenges. You will engineer and operate a highly reliable, scalable, and defensible production environment, directly impacting our ability to deliver a world-class service to our customers 24/7. This is a unique opportunity to blend deep expertise in Site Reliability Engineering (SRE) and modern Security Operations, working at the intersection of infrastructure, automation, and security to build a platform that is resilient and secure by design. You Will: * Engineer Secure and Resilient Infrastructure: Design, build, maintain, and improve secure, scalable, and highly available infrastructure in our multi-cloud environment (primarily AWS) using Infrastructure as Code (IaC) principles with tools like Terraform, Kubernetes, and Helm. * Automate Proactive Security: Engineer and automate threat detection, incident response, and vulnerability management processes. You will build the tools and workflows that allow us to respond to threats at machine speed. * Secure the Software Development Lifecycle: Architect and secure our CI/CD pipelines, integrating automated security tooling (SAST, DAST, SCA) to provide developers with fast, actionable feedback. * Master Container Security: Manage, operate, and secure our container orchestration platform (Kubernetes), implementing best practices for container security from the registry to runtime, including knowledge of hardening requirements such as CIS Benchmarks or DISA STIG. * Lead Incident Response: Act as a technical lead during security and reliability incidents, driving resolution and conducting blameless post-mortems to engineer preventative solutions. * Drive Automated Compliance: Implement and automate technical controls to ensure continuous compliance with frameworks such as FedRAMP, SOC 2, and ISO 27001. * Mentor and Lead: Serve as a subject matter expert for security and reliability, mentoring other engineers and championing a culture of operational excellence and security ownership across the organization. You Have: * 8+ years of progressive experience in technology, with at least 5 years in a hands-on senior role such as Site Reliability Engineering, DevOps, or Security Engineering. * A BS or MS in Computer Science, Engineering, or a related field, or equivalent industry experience. * Expert-level proficiency in at least one major cloud provider, preferably AWS, with deep knowledge of core infrastructure and security services. * Expert-level proficiency with Infrastructure as Code, particularly Terraform. * Expert-level proficiency in a scripting or programming language such as Python, Go, or Ruby, with a proven history of building automation and custom tooling. * Deep experience with containerization and orchestration technologies (Kubernetes), including securing containerized environments. * Proficiency with the modern security operations toolchain, including SIEM, EDR, and vulnerability scanning technologies. * Experience integrating security tools (SAST, DAST, SCA) into CI/CD pipelines. * A critical thinker with a proven ability to troubleshoot complex problems in high-pressure production environments. * Excellent verbal and written communication skills and a collaborative spirit. This will include fluency in English. Nice to Have * Advanced industry certifications such as CISSP, CISM, OSCP, or cloud-specific security certifications. * Experience with compliance frameworks like FedRAMP, ISO27001, SOC2. Get to Know Us: At Smartsheet, your ideas are heard, your potential is supported, and your contributions have real impact. You’ll have the freedom to explore, push boundaries, and grow beyond your role. We welcome diverse perspectives and nontraditional paths—because we know that impact comes from individuals who care deeply and challenge thoughtfully. When you’re doing work that stretches you, excites you, and connects you to something bigger, that’s magic at work. Let’s build what’s next, together. Equal Opportunity Employer: Smartsheet is an Equal Opportunity (EEO) employer committed to fostering an inclusive environment with the best employees. It is our policy to provide equal employment opportunities to all qualified applicants in accordance with applicable laws in the US, UK, Australia, Germany, Costa Rica, Japan, Bulgaria, India, and Singapore. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information. If there are preparations we can make to help ensure you have a comfortable and positive interview experience, please let us know. #LI-Remote
About Zscaler Zscaler accelerates digital transformation to ensure our customers can be more agile, efficient, resilient, and secure. As an AI-forward enterprise, we are constantly pushing the envelope, leveraging the world’s largest security data lake to power our cloud-native Zero Trust Exchange platform. This innovation protects our customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Here, impact in your role matters more than title and trust is built on results. We say, impact over activity. We seek innovators who actively use AI to amplify their impact and who thrive in an environment where we leverage intelligent systems to stay ahead of evolving threats. We believe in transparency and value constructive, honest debate—we’re focused on getting to the best ideas, faster. We build high-performing teams that can make an impact quickly and with high quality. To do this, we are building a culture of execution centered on customer obsession, collaboration, ownership, and accountability. We value high-impact, high-accountability with a sense of urgency where you’re enabled to do your best work and embrace your potential. If you’re driven by purpose, thrive on solving complex challenges, and want to be part of the team that’s helping to secure the AI age, we invite you to bring your talents to Zscaler and help shape the future of cybersecurity. Role We are looking for an experienced Escalation Engineer to join our Customer Success team. This is a hybrid role based in Bangalore, you will report to the Escalation Manager. Our Customer Success Strategy & Operations team uses valuable data and market research to help our customers succeed and drive value. You'll be an integral part of solving challenges faced by our client-facing teams to help make Zscaler more efficient in meeting our customers' needs. What you’ll do (Role Expectations) * Own and resolve the highest-severity technical escalations through deep analysis, ensuring fast resolution and managing the on-call rotation for critical issues * Troubleshoot and resolve complex issues across Zscaler cloud security services, configuration, policy engines, APIs, and AI-assisted capabilities * Investigate and resolve scenarios related to the secure use of AI models, governance of AI agents, data protection, and inference security * Perform detailed log, telemetry, and packet-level analysis to identify the root cause, reproducing complex defects, providing engineering-ready bug reports, and validating fixes * Drive cross-functional collaboration with Engineering, Cloud Ops, and Product Management, while also creating advanced troubleshooting documentation and acting as a technical mentor to uplift support capability Who You Are (Success Profile) * You thrive in ambiguity. You're comfortable building the path as you walk it. You thrive in a dynamic environment, seeing ambiguity not as a hindrance, but as the raw material to build something meaningful. * You act like an owner. Your passion for the mission fuels your bias for action. You operate with integrity because you genuinely care about the outcome. True ownership involves leveraging dynamic range: the ability to navigate seamlessly between high-level strategy and hands-on execution. * You are a problem-solver. You love running towards the challenges because you are laser-focused on finding the solution, knowing that solving the hard problems delivers the biggest impact. * You are a high-trust collaborator. You are ambitious for the team, not just yourself. You embrace our challenge culture by giving and receiving ongoing feedback—knowing that candor delivered with clarity and respect is the truest form of teamwork and the fastest way to earn trust. * You are a learner. You have a true growth mindset and are obsessed with your own development, actively seeking feedback to become a better partner and a stronger teammate. You love what you do and you do it with purpose. What We’re Looking for (Minimum Qualifications) * Demonstrated curiosity and active exploration of AI tools, with a proven history of integrating new technologies to enhance daily workflows and augment problem-solving * 4–10 years of deep technical support, cloud support engineering, or escalation engineering experience * Strong understanding of AI model security, data governance, AI agent behavior, and safe enterprise deployment principles * Proficiency with APIs, JSON, logging frameworks, Linux CLI, debugging tools, and cloud-based distributed systems * Exposure to cloud platforms (AWS/GCP/Azure) and identity, policy, or proxy-based architectures What Will Make You Stand Out (Preferred Qualifications) * Demonstrated experience with Zscaler products (ZIA, ZPA, ZDX) or similar cloud security platforms, including knowledge of enterprise networking, TLS/SSL inspection, and authentication flows * Familiarity with LLM-based system behavior, data leakage prevention in AI, and establishing model access policy controls * Proficiency in scripting for automation, efficient troubleshooting, and reproducing complex customer environments #LI-RR #LI-Hybrid At Zscaler, we are committed to building a team that reflects the communities we serve and the customers we work with. We foster an inclusive environment that values all backgrounds and perspectives, emphasizing collaboration and belonging. Join us in our mission to make doing business seamless and secure. Our Benefits program is one of the most important ways we support our employees. Zscaler proudly offers comprehensive and inclusive benefits to meet the diverse needs of our employees and their families throughout their life stages, including: * Various health plans * Time off plans for vacation and sick time * Parental leave options * Retirement options * Education reimbursement * In-office perks, and more! Learn more about Zscaler's hybrid working model and benefits here. By applying for this role, you adhere to applicable laws, regulations, and Zscaler policies, including those related to security and privacy standards and guidelines. Zscaler is committed to providing equal employment opportunities to all individuals. We strive to create a workplace where employees are treated with respect and have the chance to succeed. All qualified applicants will be considered for employment without regard to race, color, religion, sex (including pregnancy or related medical conditions), age, national origin, sexual orientation, gender identity or expression, genetic information, disability status, protected veteran status, or any other characteristic protected by federal, state, or local laws. See more information by clicking on the Know Your Rights: Workplace Discrimination is Illegal link. Pay Transparency Zscaler complies with all applicable federal, state, and local pay transparency rules. Zscaler is committed to providing reasonable support (called accommodations or adjustments) in our recruiting processes for candidates who are differently abled, have long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support.