Senior Security Engineer (Intake - Hyderabad, India)

Yext is actively seeking a Senior Cloud Security Engineer reporting to the Manager of Product Security within the Cyber Security Office. This role will serve as a core pillar of our Product and Infrastructure Security program, shifting our focus toward robust Cloud Security automation, container security, and Security as Code. The role will enable product, engineering, IT, and security teams to make the right architectural decisions by implementing automated security controls, managing advanced cloud security tools, and leading security incident response efforts. In this role, you will also assist other Cyber Security leaders in driving a culture of security awareness within Yext, promote DevSecOps best practices, and champion cloud compliance initiatives.

• Drive Cloud Security Maturity: Lead the maturity of our Cloud and Enterprise Security programs by proactively identifying architectural infrastructure gaps and developing optimized, automated solutions.
• Security as Code & Guardrails: Design, deploy, and maintain immutable cloud security controls across AWS and GCP environments using Infrastructure as Code (IaC) tools like Terraform.
• Container & Orchestration Security: Define, implement, and monitor security baselines for containerized workloads and orchestration platforms, focusing on Docker and Kubernetes runtime security.
• CI/CD & DevSecOps Automation: Integrate automated security testing tools (SAST, DAST, dependency, and secret scanning) directly into engineering deployment pipelines.
• Cloud Security Tooling: Deploy, configure, and maximize the efficiency of enterprise security tools and cloud-native platforms, including Okta, CrowdStrike, and Lacework.
• Vulnerability & Patch Management: Oversee the cloud vulnerability scanning program, prioritizing vulnerabilities based on runtime risk and coordinating comprehensive remediation processes across engineering teams.
• Logging & SIEM Architecture: Design and implement scalable logging strategies and advanced SIEM integrations for multi-cloud architecture (AWS and GCP).
• Threat Modeling & Architecture Reviews: Lead comprehensive security architecture reviews and threat modeling sessions for cloud-native applications, providing actionable technical recommendations to Product and Engineering partners.
• Incident Response & DFIR: Apply the MITRE ATT&CK framework to cloud security operations and threat analysis. Conduct advanced Digital Forensics and Incident Response (DFIR) activities, handle evidence collection, and lead cloud-native incident investigations.
• Policy & Compliance: Author and contribute to cloud security policies, procedures, and standards while mapping technical controls to compliance frameworks like SOC2 and ISO 27001.

• Experience: 6+ years of relevant work experience in Cloud Security Engineering or Security Operations.
• Cloud Infrastructure Expertise: Deep technical knowledge and hands-on implementation experience managing security controls within AWS and GCP environments.
• Infrastructure as Code: Proven experience utilizing Terraform, CloudFormation, or Pulumi to deploy and manage secure infrastructure.
• Container Security Proficiency: Practical experience securing Kubernetes environments, managing network policies, and scanning container images.
• Identity Management: Demonstrable experience architecting and implementing enterprise identity management solutions (e.g., Okta, Azure AD).
• Security Automation: High proficiency in security automation using Python, Go, PowerShell, or Bash scripting to eliminate manual tasks.
• SIEM & Log Analysis: Strong understanding of centralized logging architectures, SIEM platforms, and data analysis for identifying anomalies.
• DFIR & Frameworks: Practical knowledge of cloud DFIR methodologies and advanced application of the MITRE ATT&CK framework to detect and remediate modern threat vectors.
• Certifications: CCSP, AWS Certified Security - Specialty, Google Professional Cloud Security Engineer, or equivalent cloud security certifications.
• Framework Familiarity: Strong alignment with security frameworks and standards such as NIST, ISO 27001, or CIS benchmarks.
• Communication & Collaboration: Strong communication skills and a proven history of collaborating effectively with Engineering, IT, and Product stakeholders to build high-trust partnerships.

In today's dynamic threat environment, software firms are increasingly acknowledged as a highly-targeted industry for cyberattacks due to the confidentiality and sensitivity of customer data, as well as the immediacy in which that data is needed to perform their operational duties. Given Yext’s vital role within the software ecosystem, protection of data is paramount in ensuring high-trust relationships with customers, partners, and vendors.

#LI-RK1