Innovation Hub Overview

Jefferies is creating a Technology Innovation Hub in Pune, a greenfield opportunity to build the systems that power global markets. As our first India technology center, this hub brings together hands on builders who engineer the platforms behind Jefferies’ growth across capital markets, investment banking, and institutional securities. We’re scaling toward an elite team of 500 engineers while maintaining the agility, ownership, and meritocratic spirit that defines Jefferies. From cloud and data to AI, risk, and core business technologies, teams in Pune will lead high impact work with a global mandate.

IT Security Technology

Jefferies’ IT Security Technology / Global Information Security (GIS) team protects the firm’s critical systems, sensitive information, and global operations against evolving cyber threats. GIS partners with Technology, Operations, Corporate functions, and the Business to embed security into day-to-day operations while supporting productivity, regulatory compliance, and operational resilience. GIS balances strong controls with efficiency and operates globally across the US, EMEA, and APAC to provide round-the-clock coverage.

Role Overview
Jefferies is seeking a Cloud Security Engineer to lead and support our cloud security initiatives, with a focus on securing cloud-native applications and infrastructure and supporting the APAC region. This role will be responsible for managing and optimizing our cloud security posture using tools like Wiz, identifying and mitigating cloud vulnerabilities, and collaborating with engineering teams to embed security into our cloud environments. The ideal candidate will have a strong understanding of cloud platforms, security best practices, and the ability to communicate effectively across technical and non-technical teams.

Key Responsibilities:

• Lead the implementation and management of cloud security tools, with a focus on Wiz, to monitor and improve our cloud security posture.
• Identify, triage, and help remediate cloud infrastructure and application vulnerabilities across multi-cloud environments.
• Collaborate with DevOps and engineering teams to design secure cloud architectures and integrate security into CI/CD pipelines.
• Conduct threat modeling and risk assessments for cloud-native applications and services.
• Serve as an escalation point for cloud-related security incident response and forensics.
• Coordinate third-party cloud security assessments and penetration tests.
• Stay current on emerging cloud security threats, technologies, and best practices.
• Provide guidance and training to engineering teams on secure cloud development practices.

Qualifications:

• Strong understanding of cloud platforms (primarily AWS and Azure) and cloud-native security principles.
• Hands-on experience with cloud security tools, especially Wiz or similar CSPM/CNAPP platforms.
• Familiarity with infrastructure-as-code (IaC) security and DevSecOps practices (primarily Terraform).
• Basic experience with a common scripting language (e.g. Python) for developing automations.
• Experience with vulnerability management, threat modeling, and incident response in cloud environments.
• Strong communication and collaboration skills to work effectively with cross-functional teams.
• Relevant certifications such as AWS Certified Security – Specialty, GIAC Cloud Security Automation (GCSA), or similar are a plus.
• Background in application security is a plus, especially in cloud-native contexts.
  

#LI-SK1