Job Ad

We’re looking for a Security Engineer 2 to join Procore’s Security Engineering team. In this role, you’ll be a key contributor, focused on building, implementing, and operating the foundational security controls that protect our platform, data, and users. Your primary goal is to help build and maintain a secure, scalable, and resilient cloud product and infrastructure.

As a Security Engineer 2, you’ll work with Engineering, IT, Security Operations, and GRC to apply security principles to our systems. Use your experience in cloud security, automation, and core security principles to implement and operate automated security controls across our SaaS ecosystem. This is a fantastic opportunity to grow your skills and make a real impact on protecting the data of millions of users - Apply today.

This position reports into the Senior Manager, Security Engineering and will be based in our Bengaluru, India office. We’re looking for someone to join us immediately.

What you’ll do:

• Implement and support automated pipelines for asset inventory and Software Bill of Materials (SBOM) generation.

• Configure and support IAM guardrails for cloud (AWS/GCP/Azure) and corporate (Okta) environments.

• Support the implementation of data protection tools and processes, including key management and encryption.

• Implement secure configurations for our containerized (Kubernetes, EKS) and IaC (Terraform) workflows under the guidance of senior engineers.

• Collaborate with SRE and GRC teams to test and document resilience patterns.

• Assist GRC and Internal Audit teams by gathering data and providing context on security controls.

• Operate and triage alerts from security tools and platforms, and help drive remediation.

• Participate in the evaluation of new security technologies and tools.

What we’re looking for:

• Bachelor's degree in Computer Science or equivalent practical experience.

• 4+ years of experience in a hands-on technical security or IT/ops role with a security focus.

• Solid understanding of core security domains such as IAM, network security, and infrastructure security.

• Hands-on experience with at least one major cloud provider (AWS preferred).

• Familiarity with identity and access management platforms (Okta, Azure AD) and concepts.

• Experience with, or a strong desire to learn, IaC (Terraform) and container orchestration (Kubernetes).

• Understanding of data protection principles, including encryption and key management.

• A passion for automation and experience with scripting languages (Python, Go, or similar).Good communication skills and a collaborative, team-oriented attitude.