Candescent is a forward-thinking technology company transforming how financial institutions deliver Intelligent Banking experiences. We unite digital banking, account opening, and branch solutions that power and connect digital banking, account opening, and branch solutions—creating seamless engagement across digital, remote, and in-person channels.

Our Experience-Led, Intelligence-Driven approach combines human-centered design with data, automation, and cloud-based innovation. Built on an API-first architecture, our extensible ecosystem enables institutions to adapt quickly, integrate easily, and unlock new opportunities for growth—turning every customer interaction into a moment of clarity, confidence, and connection.

Title: Information Security Engineer II - Security Operations (SOC) Analyst

Experience: 3 Years - 7 Years
Location: Hyderabad

About Candescent

Candescent is the leading cloud-based digital banking solutions provider for financial institutions. We are transforming digital banking with intelligent, cloud-powered solutions that connect account opening, digital banking, and branch experiences for financial institutions. Our advanced technology and developer tools enable seamless, differentiated customer journeys that elevate trust, service, and innovation. Success here requires flexibility in a fast-paced environment, a client-first mindset, and a commitment to delivering consistent, reliable results as part of a performance-driven, values-led team.

Role Overview

As an Information Security Engineer II, you will play a critical role in protecting Candescent's cloud-based platforms and services. This position combines traditional security engineering responsibilities with a strong emphasis on vulnerability management and cloud security posture management (CSPM). You will monitor threats, manage vulnerability scans, and collaborate with IT and DevOps teams to ensure timely remediation and compliance across AWS, Azure, and GCP environments.

Key Responsibilities

The Information Security Engineer II role encompasses five core responsibility areas: vulnerability and posture management, security monitoring and incident response, certificate management, cloud and application security, and compliance and documentation. Each area requires specific technical expertise and collaborative engagement with cross-functional teams to maintain Candescent's security posture across multi-cloud environments.

Vulnerability & Posture Management

• Execute and manage regular vulnerability scans using Qualys and cloud security posture assessments using Wiz

• Analyze scan results, prioritize remediation based on risk, and track progress against SLAs

• Coordinate with IT and DevOps teams to ensure timely patching and configuration updates across multi-cloud environments

• Maintain dashboards and reports on vulnerability trends and risk posture

Security Monitoring & Incident Response

• Monitor SIEM platforms (Splunk or similar) for alerts related to unauthorized access, malware, or misconfigurations.

• Investigate and triage security incidents, following established playbooks to contain and mitigate threats.

• Respond promptly to new and emerging threats, ensuring timely remediation of risks and attacks.

Certificate Management

• Day-to-day administration of Venafi (certificate management platform) including role-based access for various teams

• Manage full certificate lifecycle: request/approve, renew, update, revoke, recover, and secure download with proper key handling

• Build and maintain automation (e.g., Venafi TPP/Cloud workflows, API integrations) to reduce manual effort and SLA breaches

• Partner with app owners to onboard apps/issuers (PKI/ACME), enforce issuance policies, and remediate non-compliant certs

• Coordinate with Venafi support to plan/execute upgrades, patches, connector updates, and platform health checks

Cloud & Application Security

• Support secure configuration and hardening of AWS, Azure, and GCP environments.

• Maintain and optimize integrations between third-party security tools.

• Assist in enforcing identity and access management policies using Azure AD.

Compliance & Documentation

• Ensure adherence to regulatory and compliance requirements related to fraud prevention and security standards.

• Maintain clear documentation of security events, SOPs, and vulnerability management processes.

Education & Experience

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).

• 3+ years of experience in security engineering, vulnerability management, or SecOps roles.

Technical Skills

• Hands-on experience with Qualys for vulnerability scanning and Wiz for CSPM.

• Familiarity with SIEM platforms (Splunk) and endpoint detection tools (CrowdStrike, SentinelOne).

• Knowledge of WAF technologies (Cloudflare, Akamai).

• Strong understanding of AWS, Azure, and GCP security best practices.

• Proficiency in scripting languages (Python, PowerShell) for automation.

Soft Skills

• High analytical and problem-solving skills.

• Excellent communication skills, including the ability to present technical concepts to non-technical audiences.

• Ability to work collaboratively across IT, DevOps, and business teams.

Preferred Certifications

• CompTIA Security+

• CISSP

• CEH, or equivalent

• Cloud security certifications (AWS Security Specialty, Azure Security Engineer)

References

No references cited in this document.

Statement to Third Party Agencies
To ALL recruitment agencies: Candescent only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, Candescent employees, or any Candescent facility. Candescent is not responsible for any fees or charges associated with unsolicited resumes.