Security Engineer – Cyber Security Analyst

GSPANN is hiring a Security Engineer – Cyber Security Analyst to build and operate security automation and analytics platforms. The role focuses on integrating application security tools, enabling CI/CD security gates, and delivering actionable security insights through dashboards and metrics.

• Build and maintain connectors and ETL pipelines from Apiiro, Invicti, Checkmarx, and GitHub Advanced Security into Jira and BI systems, including automated ticket creation and SLA tagging.
• Implement policy-as-code gates within CI/CD pipelines to block merges on critical security findings.
• Design and maintain dashboards for SSDLC coverage, vulnerability trends, SLA breaches, and risk metrics.
• Monitor platform health by instrumenting checks for scan schedules, authentication profiles, and data ingestion failures, and trigger alerts for anomalies.
• Ensure high availability and performance of security data flows, manage version control in Git, and implement CI checks for rules and playbooks.
• Partner with Application Security teams across SSDLC, DAST, VDP, and penetration testing to reduce false positives and enable executive-level reporting.
• Analyze vulnerability recurrence patterns, propose design-level controls, and support management reviews with actionable data insights.

• 6-8 years of experience in security engineering, security analytics, or platform engineering roles.
• Strong scripting skills in Python and/or PowerShell.
• Hands-on experience with API integrations and automation workflows.
• Proven expertise with GitHub Actions, JSON, and YAML.
• Practical experience integrating Apiiro, Invicti, Checkmarx, GitHub Advanced Security, and Jira automation.
• Solid understanding of Secure Software Development Life Cycle (SSDLC) concepts and security KPI design.