Hiring InfoSec Tech Lead – Secure Global Systems at [24]7.ai, Bangalore
InfoSec Tech Lead—Information Security Expert | [24]7.ai | Bangalore, India
Are you excited about cyber defense, infosec, and the future of secure digital infrastructure? [24] 7.ai is seeking an experienced and skilled InfoSec Tech Lead to be part of our Global Information Security team located in Bangalore, India. In this important leadership position, you will be on the cutting edge of defining the security stance of a global tech company, protecting enterprise-level applications, infrastructure, and sensitive data from new threats.
As an InfoSec Tech Lead, you will play a key role in spearheading application and infrastructure security programs, detecting vulnerabilities, applying proactive controls, and attesting to global compliance standards like PCI, SOC, and GDPR. If you are passionate about cybersecurity and possess a technical foundation in vulnerability assessments, secure code reviews, and penetration testing, this role is specifically designed for you.
Key Role: InfoSec Tech Lead
• Department: Global InfoSec
• Reporting To: Manager—Information Security
• Work Location: Bangalore, KA, India (with possible travel prospects)
• Type: Full-Time, Permanent Position
• Direct Reports: None
About [24]7.ai
[24] 7.ai is a worldwide leader in AI-powered customer experience and digital transformation solutions. With a focus on secure, scalable, and intelligent platforms, our mission is to make customer engagement easy, smooth, and secure. As part of our continued dedication to cybersecurity, we are hiring world-class InfoSec talent to strengthen our global security frameworks and risk management systems.
Job Summary
The InfoSec Tech Lead will be responsible for helping assure information security, compliance, and risk management procedures. You will collaborate closely with cross-functional teams in engineering, product, and IT to maintain the application and infrastructure security needs being met globally throughout the organization‘s presence.
Your extensive technical know-how in topics like vulnerability management, cloud security, secure coding practices, and penetration testing will be critical to protecting digital assets and ensuring customer confidence.
Important Responsibilities
• Vulnerability Assessment & Penetration Testing (VAPT):
• Own and perform VAPT for infrastructure, web applications, APIs, and web services.
• Carry out both manual and automated security testing to identify critical vulnerabilities and security weaknesses.
• Security Audits & Reviews:
• Regular configuration audits on network devices, servers, and key systems.
•Perform code reviews for several programming languages (Java, .NET, C/C++, etc.) and suggest secure development techniques.
• Secure Development Practices:
o Offer technical advice on secure coding guidelines and SDLC security incorporation.
o Assess and improve application architecture to improve security design.
• Threat Modeling & Risk Mitigation:
o Carry out thorough threat modeling exercises and risk analyses for various digital assets.
o Suggest remedial and preventive measures for identified weaknesses.
• Compliance & Governance:
no Ensure that all security implementations are compliant with compliance frameworks such as PCI DSS, SOC 2, GDPR, NIST, and ISO 27001.
no Facilitate documentation and communication of policies and procedures to ensure internal alignment and regulatory readiness.
• Tool & Product Evaluation:
no Assess innovative security products and tools for enhancing threat detection and response capabilities.
no Utilize tools like Nessus, Nmap, Burp Suite Pro, Acunetix, Fortify, Checkmarx, IBM AppScan Source, and Core Impact.
• Team Mentoring & Project Oversight:
o Provide guidance to junior members on security practices and testing techniques.
o Take a lead or contribute to cross-functional projects and serve as an internal security guide to business stakeholders.
Preferred Skills and Technical Expertise
• Security Testing: Proficient hands-on experience in network, web, mobile, and cloud application security testing.
• Code Review: Skilled in static and dynamic application security testing (SAST & DAST), including tools such as Checkmarx and Fortify.
• Scripting and Programming: Skilled in at least two script languages including Python, Perl, PHP, or Ruby. An understanding of high-level programming languages such as Java, C, and.NET is a very strong advantage.
• Security Frameworks: Understanding of OWASP Top 10, OSSTMM, PTES, CREST, CESG, ISSAF, and other industry-recognized frameworks.
• Cloud & Mobile Security: Proficiency in evaluating cloud infrastructure and mobile devices (iOS and Android).
• Security Classifications: Familiarity with CVSS, DREAD, and other security classification models for the assessment of vulnerability impact.
• Tools & Platforms:
o Network: Nessus, QualysGuard, Nexpose, Kali Linux, Nmap, Metasploit
o Application: Burp Suite Pro, Acunetix, IBM AppScan, HP WebInspect
o Code Review: Fortify, Checkmarx, IBM AppScan Source
Educational and Professional Requirements
• Education: Bachelor’s or Master‘s Degree in Computer Engineering, Information Science, or relevant field.
• Certifications (Preferred):
o CEH (Certified Ethical Hacker)
o OSCP (Offensive Security Certified Professional)
o OSCE (Offensive Security Certified Expert)
o ECSA|LPT (EC-Council Certified Security Analyst / Licensed Penetration Tester)
o CPT (Certified Penetration Tester)
Professional Experience
• 5–7 years of hands-on experience in:
o Vulnerability management across application, infrastructure, cloud, and IoT environments.
o Performing secure code reviews and architecture-level threat assessments.
o Working within SDLC or agile development frameworks.
o Security oversight and mentoring junior team members.
Soft Skills & Additional Qualities
• Communication: Good written and verbal communication skills; skill to prepare thorough security reports and present the results to technical as well as executive stakeholders.
• Customer Engagement: Familiar with engaging global customers to get an understanding of their InfoSec needs and presenting professional reports.
• Ethical Mindset: High commitment to ethical business and cybersecurity practices.
• Agility: Skilled at performing in fast-paced environments and performing under pressure.
Why Join [24]7.ai as an InfoSec Tech Lead?
• Global Exposure: Collaborate with an international team of professionals to secure enterprise-level digital spaces.
• Innovation & Growth: Remain at the forefront of increasingly sophisticated threats with ongoing learning and innovation prospects.
• Leadership Opportunity: Have a voice in strategic InfoSec project decision-making and leave your mark.
• Inclusive Culture: Be a part of a progressive organization that embraces diversity, innovation, and ethical excellence.
Ready to Make a Difference in Cybersecurity?
Join us at [24]7.ai as we continue to lead in AI-powered customer experience while prioritizing data protection and cybersecurity. As an InfoSec Tech Lead, your expertise will drive real-world impact—ensuring our global systems remain safe, secure, and resilient against today’s ever-changing threat landscape.