Job Overview
Location
Mumbai
Job Type
Full-time
Category
Software Engineering
Date Posted
October 27, 2025
Full Job Description
đź“‹ Description
- • Architect and continuously improve the security posture of JioStar’s multi-cloud, multi-region streaming platform that serves 750 million weekly viewers. You will own the end-to-end lifecycle of security controls—from design and deployment through monitoring and incident response—ensuring that every frame of content and every byte of user data is protected against evolving threats.
- • Design and implement hardened IAM policies, security groups, WAF rules, and least-privilege network ACLs across AWS, GCP, and Azure. You will translate complex business requirements into repeatable, auditable Terraform and CloudFormation modules that can be rolled out at scale without downtime for live sporting events or prime-time premieres.
- • Secure containerized workloads running on self-managed and managed Kubernetes clusters. You will craft admission controllers, Pod Security Policies, and OPA/Gatekeeper rules to prevent misconfigurations, enforce image signing, and block supply-chain attacks before they reach production.
- • Build and maintain a defense-in-depth strategy for hybrid infrastructure that spans on-prem data centers, CDN edges, and serverless functions. This includes network micro-segmentation, mutual TLS everywhere, envelope encryption for object storage, and automated key rotation using KMS and Secrets Manager.
- • Embed security into CI/CD pipelines by integrating SAST, DAST, SCA, and IaC scanning tools (e.g., Checkov, Trivy, Prisma Cloud). You will write Python and Bash automation that gates risky builds, opens Jira tickets for findings, and provides developers with actionable remediation guidance within minutes—not days.
- • Establish real-time threat detection and response using CloudTrail, GuardDuty, Security Command Center, and a centralized SIEM. You will author correlation rules, tune false positives, and create playbooks that allow the SOC to contain threats within the critical five-minute window during high-traffic live streams.
- • Lead cloud security reviews and purple-team exercises, identifying misconfigurations such as overly permissive S3 buckets, exposed metadata services, or vulnerable third-party Helm charts. You will partner with engineering squads to prioritize fixes based on exploitability and business impact.
- • Support compliance initiatives under ISO 27001, SOC 2, and regional data-protection laws by generating evidence packs, mapping controls to cloud resources, and automating evidence collection so audits become a non-event rather than a fire drill.
- • Contribute to incident response for security events affecting OTT platforms—ranging from credential-stuffing attacks against user accounts to attempted DRM circumvention. You will perform log forensics, coordinate containment, and present post-mortems that drive systemic improvements.
- • Evangelize secure-by-design culture across product, data, and platform teams. You will run threat-modeling workshops, publish security advisories, and mentor junior engineers, ensuring that every new feature launched for JioStar’s 750 million viewers meets the highest security bar.
🎯 Requirements
- • 3–6 years of hands-on experience securing production workloads on AWS, GCP, or Azure with deep familiarity in IAM, KMS, VPC, CloudTrail, GuardDuty, or equivalent services
- • Proficiency in Infrastructure as Code using Terraform or CloudFormation; ability to write modular, version-controlled templates that enforce security baselines
- • Strong scripting skills in Python and Bash for automation, plus experience integrating security tooling into CI/CD platforms like Jenkins, GitHub Actions, or GitLab CI
- • Working knowledge of container and Kubernetes security, including admission controllers, Pod Security Standards, image scanning, and secrets management
- • Bachelor’s degree in Computer Science, Information Security, Engineering, or related field; Master’s degree is a plus
🏖️ Benefits
- • Opportunity to safeguard content and data for a platform reaching 750 million weekly viewers across entertainment and sports
- • Work in a truly global media & entertainment company at the cutting edge of OTT technology and live-streaming innovation
- • Collaborative, inclusive culture that values diversity and ensures an environment free from discrimination
- • Continuous learning budget and access to the latest cloud security certifications, conferences, and threat-intel feeds
Skills & Technologies
Python
AWS
Azure
GCP
Docker
Mobile
Hybrid
Degree Required
About Jiostar Technologies Private Limited
Jiostar Technologies Private Limited is an Indian technology company delivering enterprise-grade digital transformation solutions. The firm specializes in cloud infrastructure, data analytics, cybersecurity, and AI-driven business applications for telecom, finance, and retail sectors. Its unified platform integrates IoT, edge computing, and API management to streamline operations and enhance customer engagement. Operating from Mumbai and Bengaluru, Jiostar serves large corporations seeking scalable, secure, and compliant technology stacks across India and emerging markets.
