Location : Mumbai (in-office)

Experience : 8- 12 years

About Verdantis :

Verdantis is an AI-native enterprise software company building intelligent solutions for MRO (Maintenance, Repair & Operations) and Enterprise Asset Management. Our products Harmonize, Integrity, and MRO 360 serve asset-intensive industries including oil & gas, chemicals, pharma, mining, and power generation across the US and Middle East.

About the Role :

This is a dual-mandate leadership role. You will own :

(a) DevOps engineering for our cloud-hosted SaaS products

(b) End-to-end internal IT infrastructure for the entire company, and

(c) The security posture for an AI-native product company that handles sensitive enterprise data and uses LLMs in production.

We need someone equally comfortable architecting Kubernetes clusters and writing IAM policies. You'll be the senior-most owner of production cloud reliability, internal IT excellence, and security across our stack including the unique risks that come with AI-native products. This is will be manager role with team reporting to him/her.

Role & Responsibilities :

- Architect, automate, and maintain cloud infrastructure on AWS/Azure using Terraform and Ansible

- Own the CI/CD platform (Jenkins, GitLab CI/CD, or GitHub Actions) design pipelines, manage build infrastructure, optimize deployment velocity

- Lead containerization and orchestration strategy (Docker, Kubernetes, Helm)

- Establish SRE practices: SLIs/SLOs, incident response, postmortems, on-call rotations

- Set up and maintain observability stack (Prometheus, Grafana, ELK, or equivalents)

- Drive cloud cost optimization and capacity planning

- Mentor the DevOps Intern and serve as the technical authority on platform engineering decisions

- Partner with the CTO and engineering leadership on infrastructure roadmap aligned with our AI-native product direction

Cloud & Application Security :

- Implement security best practices across AWS/Azure : IAM, network segmentation, secrets management (HashiCorp Vault, AWS Secrets Manager), encryption at rest and in transit

- Embed security into the SDLC- SAST, DAST, SCA, container scanning, and dependency vulnerability management integrated into CI/CD

- Run regular vulnerability scans and coordinate annual penetration testing with external partners

- Define and enforce secure coding standards across the engineering team

- Lead incident response and forensic investigation for security events

AI/LLM Security & Governance :

- Establish controls for AI-specific threats - prompt injection, jailbreaks, training data leakage, model inversion, and indirect injection through customer data

- Implement guardrails and content filtering for LLM inputs and outputs across our agentic AI workflows

- Govern the data pipeline used for fine-tuning and RAG- ensure customer master data used in model contexts is properly isolated, anonymized where required, and tenant-segregated

- Manage third-party AI/LLM vendor risk: review contracts, data residency, retention, and training-opt-out clauses for OpenAI, Anthropic, Azure OpenAI, and similar providers

- Maintain an inventory of AI models, datasets, and agents in production with their data flows documented

- Build internal policies on responsible AI use: what employee data, customer data, and code can be sent to which AI tools

- Track emerging AI security frameworks (OWASP Top 10 for LLMs, NIST AI RMF, ISO/IEC 42001) and align our practices accordingly

Compliance & Customer Trust :

- Lead preparation and ongoing maintenance of SOC 2 Type II and ISO 27001 certifications

- Respond to customer security questionnaires and support enterprise sales cycles with security artifacts

- Maintain a public trust center- sub-processor list, security whitepaper, AI usage disclosures

- Ensure compliance with regional data residency requirements for US and Middle East customers

IT & Infrastructure Management :

- Own the complete internal IT infrastructure for a multi-location team

- Manage the full asset lifecycle for laptops, desktops, and peripherals: procurement, provisioning, tracking, refresh, and retirement

- Own identity and access management : Google Workspace administration, SSO/Okta, role-based access, joiner-mover-leaver workflows

- Manage office network infrastructure : WiFi, VPN, firewalls, and remote-access security

- Implement and enforce endpoint security : disk encryption, EDR/antivirus, patch management, USB and data-loss policies

- Run IT helpdesk operations : set up ticketing, define SLAs, resolve issues for the global team

- Manage vendor relationships : hardware suppliers, SaaS subscriptions, licenses, and renewals

- Define and enforce IT policies, SOPs, and onboarding/offboarding workflows

Qualifications :

- 8- 12 years of combined experience across DevOps engineering, security, and IT infrastructure, with at least 5 years in DevOps/cloud and 3+ years owning IT and security for a 50+ person organization

- Deep expertise in at least one major cloud platform (AWS or Azure) with proven production-scale experience

- Hands-on mastery of Terraform, Kubernetes, Docker, and modern CI/CD tooling

- Strong scripting and automation skills (Python, Bash, PowerShell)

- Demonstrated experience implementing security programs : IAM, secrets management, vulnerability management, secure SDLC

- Practical understanding of AI/LLM security threats and mitigation patterns (prompt injection, data leakage, model abuse)

- Experience administering MDM platforms (Jamf, Intune, Kandji, or Hexnode) across mixed macOS/Windows fleets

- Working knowledge of identity providers (Google Workspace, Okta, Azure AD/Entra ID) and SSO/SAML

- Solid grounding in network fundamentals: firewalls, VPN, WiFi, segmentation

- Strong vendor management and budgeting skills

- Excellent communication: able to brief leadership, work with auditors, and engage with customer security teams

Preferred :

- Cloud certifications (AWS Solutions Architect Professional, Azure Solutions Architect Expert)

- Security certifications (CISSP, CISM, CCSP, Security+)

- Prior experience preparing a B2B SaaS company for SOC 2 Type II or ISO 27001 audits

- Familiarity with ISO/IEC 42001 (AI Management System) or NIST AI Risk Management Framework

- Experience managing distributed teams across India, US, and Middle East

- Prior people-management experience

What Success Looks Like :

- 99.9%+ production uptime with mature incident response

- Fully automated, audit-ready CI/CD and infrastructure provisioning

- SOC 2 Type II achieved or maintained with clean reports

- AI security guardrails operational across all production agents and LLM integrations

- Zero-touch onboarding/offboarding for new hires within their first day

- Audit-ready IT and security controls supporting enterprise customer reviews