Engineering

Security Operations Engineer

Coimbatore, Tamil Nadu
Work Type: Full Time
Kovai.co is a catalyst, sparking a revolution in the world of enterprise software and B2B SaaS. We are a technology powerhouse delivering best-in-class enterprise software and game-changing SaaS solutions across industries.

At Kovai.co, we're rewriting the B2B landscape by empowering over 2,500 businesses worldwide with our award-winning SaaS solutions.

Our Products:

  • BizTalk360
  • Turbo360
  • Document360
“UK headquarters. Indian innovation. Global impact.”

Our journey has been nothing short of remarkable, having witnessed exponential growth and profitability right from our inception.
We are on track towards $30 million in annual revenue – and we're just getting started.

Kovai.co is fueled by a tribe of thoughtful helpers, obsessed with empowering customers, uplifting colleagues, and igniting our own journeys.

Redefining tech is our game. Are you in? Join Kovai.co – where passion meets purpose.

Role Summary:

We are seeking a hands-on Security Engineer to own infrastructure security, vulnerability assessment, patch risk analysis, and incident response in a SaaS environment. This role will act as the primary security owner for endpoints, cloud infrastructure, identity, and network security in the absence of a dedicated SOC, while balancing security risk and product stability. 


Key Responsibilities 


1. Vulnerability Assessment & Risk-Based Patch Management 


  • Perform infrastructure-level vulnerability assessments (VAPT) across cloud, servers, endpoints, networks, and identity systems. 
  • Assess Windows OS and third-party security updates, evaluate exploitability, CVSS severity, and business/product impact. 
  • Set up and maintain sandbox or staging environments to test patches before production rollout. 
  • Define patch deployment strategies (immediate, phased, deferred with compensating controls). 
  • Track vulnerabilities from discovery to closure with clear risk acceptance or remediation decisions. 

 

2. Endpoint & OS Security 


  • Secure and harden Windows/Linux endpoints and servers using CIS benchmarks and security baselines. 
  • Manage and tune endpoint protection platforms (AV, EDR, XDR). 
  • Investigate malware or suspicious activity, isolate affected systems, and perform root cause analysis (RCA). 
  • Reduce attack surface by enforcing secure configurations and least privilege. 

 

3. Cloud, Identity & Access Security 


  • Secure Azure infrastructure using Defender for Cloud / Azure Security Center and native controls. 
  • Manage and review Azure Entra ID (Azure AD): 
    • User access reviews and role hygiene 
    • Privileged identity and conditional access 
  • Identify risks from unmanaged or shadow SaaS applications (paid and free). 
  • Assess credential exposure risks, MFA gaps, and excessive access. 

 

4. Network & Perimeter Security 


  • Review and maintain firewall rules, VPNs, NAT, and network segmentation. 
  • Conduct network vulnerability and configuration reviews. 
  • Validate intrusion prevention, threat filtering, and secure connectivity. 

 

5. Incident Detection & Response (No SOC Environment) 


  • Act as the first responder for security incidents in the absence of a SOC. 
  • Monitor security alerts from endpoint, cloud, and identity platforms. 
  • Correlate events, determine impact, and lead containment and remediation. 
  • Document incidents, lessons learned, and preventive actions. 

 

6. Governance, Documentation & Continuous Improvement 


  • Translate technical vulnerabilities into clear business risk statements. 
  • Maintain vulnerability reports, patch risk assessments, and security baselines. 
  • Support audits and compliance efforts (ISO 27001, NIST, CIS). 
  • Continuously improve security processes and tooling coverage. 

 

Tools & Technologies

 

  • Vulnerability Assessment: Nessus, Qualys, MS Defender Vulnerability Management, NMAP 
  • Patch & MDM: Intune, ManageEngine, WSUS, Zoho Endpoint Central (planned) 
  • Endpoint Security: Microsoft Defender, CrowdStrike, SentinelOne, Sophos Central (planned) 
  • Cloud & Identity Security: Azure, Azure Entra ID, Azure Defender, Azure Sentinel (optional, not SOC-driven) 
  • Network Security: Sophos XGS 2100, Sophos Connect VPN SSL, FortiGate, Palo Alto, Cisco ASA 
  • Email & SaaS Security: O365 Defender, O365 Exchange, O365 SharePoint, O365 Purview, MS Teams Admin portal 
  • Dev & Collaboration Tools: Visual Studio Admin, MS DevOps 
  • Support & Operations Tools: Freshdesk, Freshservice 
  • Physical & Biometric Security: EZ View (CCTV), NetX-Spectra (Biometric App) 

 

Experience & Skills 


  • 4–8 years in infrastructure/cloud security 
  • Strong Windows security and patching experience 
  • Azure security & identity management expertise 
  • Ability to make and justify risk-based security decisions 
  • Comfortable working independently without a SOC 
 

Equal Opportunities:


Kovai.co is committed to building a workforce that reflects the richness of our society. We believe in fostering a culture of belonging and respect for all. Kovai.co stands firmly against discrimination, ensuring equal opportunity for everyone to build a successful career.

