Full-Time
Policy as Code Engineer / Testers
Bangalore, India,Jpmc
Photon
Global AI and digital solutions provider
No salary listed
Bengaluru, Karnataka, India
In Person
 IT & Security (1) |
|---|
- Hands-on experience writing policies using Rego for Open Policy Agent (OPA) to enforce cloud security and operational best practices.
- Extensive experience with Google Cloud Platform (GCP) services such as IAM, Compute Engine, Kubernetes Engine, Cloud Storage, BigQuery, VPC, Cloud Functions, and more.
- Understanding of GCP-specific security controls, best practices, and compliance frameworks (e.g., CIS benchmarks, SOC 2, HIPAA, etc.).
- Experience working with cloud security frameworks and tools, including infrastructure as code (IaC) principles.
- Knowledge of security and compliance requirements for cloud-based environments (e.g., GDPR, SOC 2, PCI-DSS).
- Proficiency in test-driven development (TDD) and automated testing frameworks.
- Familiarity with CI/CD tools (e.g., Jenkins, GitLab CI, CircleCI, GitHub Actions) for automating policy testing and enforcement.
- Proficiency in at least one programming or scripting language, such as Python, Go, Shell, or JavaScript.
- Experience with version control systems, particularly Git, and collaborating on code repositories (e.g., GitHub, GitLab).
- Design, implement, and maintain Rego policies for cloud resources, ensuring that security, compliance, and operational policies are enforced.
- Write and maintain unit, integration, and acceptance tests for policy as code to ensure that policies are correctly applied in different environments.
- Collaborate with security teams to define and translate security and compliance requirements into actionable Rego policies.
- Ensure that GCP cloud resources (e.g., Compute Engine, Kubernetes, Cloud Storage, IAM, BigQuery, etc.) are configured according to company policies and regulatory requirements.
- Automate policy enforcement and validation for cloud resources using OPA and other policy enforcement tools.
- Integrate Rego policy tests and enforcement into CI/CD pipelines to ensure that policies are tested and applied consistently across environments.
- Work with DevOps teams to automate policy validation as part of the deployment and provisioning workflows.
- Collaborate with cross-functional teams (DevOps, Security, Compliance) to ensure that the policies meet business, security, and regulatory requirements.
- Create and maintain documentation for policies, tests, and guidelines for policy-as-code best practices.
- Stay up-to-date with the latest trends, tools, and best practices in cloud security, policy-as-code, and GCP services.
- Identify opportunities to improve policy automation and testing processes for cloud environments.
- Experience with other policy engines such as Kubernetes admission controllers, Sentinel, or KubernetesOPA is a plus.
- Hands-on experience with cloud security posture management (CSPM) tools, vulnerability scanning, and incident response.
- Google Cloud Certified - Professional Cloud Security Engineer or equivalent is a plus.
- OPA or other security certifications are a plus.
Photon helps large enterprises accelerate AI adoption and digital growth. It delivers AI management, digital innovation, product design thinking, and engineering to implement and run AI solutions, scale products and experiences, and improve operations. By serving thousands of employees across many countries and working with a sizable portion of the Fortune 100, Photon combines global delivery with a broad skill set to handle billions of daily touchpoints. Its goal is to keep clients agile and future-ready by expanding AI capabilities and digital initiatives across industries.
Company Size
N/A
Company Stage
N/A
Total Funding
N/A
Headquarters
London, United Kingdom
Founded
N/A
Simplify's Take
What believers are saying
- Generative AI boosts Photon's UX/UI prototyping for Fortune 100 clients.
- Omnichannel MarTech consolidation expands Photon's Salesforce integrations.
- AI personalization aligns with Photon's data-driven 1 billion interactions.
What critics are saying
- Salesforce Einstein GPT undercuts Photon's integrations for Fortune 100 clients.
- Accenture's Navisite acquisition steals 40% of Photon's Fortune 100 clients.
- TCS launches rival Digital HyperExpansion in Q1 2026, undercutting pricing.
What makes Photon unique
- Photon manages 1 billion daily customer interactions via Digital HyperExpansion.
- Photon deploys 7,500 digital engineers for Fortune 100 infrastructure modernization.
- Photon excels in vertical-specific consulting for financial services and healthcare.
Help us improve and share your feedback! Did you find this helpful?
Benefits
Health Insurance
Dental Insurance
Vision Insurance
401(k) Retirement Plan
Paid Vacation
Paid Holidays
Performance Bonus
Company News
Exein unveils next-generation runtime security to protect the ai-native world. * Photon blocks cyberattacks before execution across physical AI and IoT, autonomous AI agents and cloud and edge infrastructure * Kernel-level prevention sets a new standard beyond traditional user-space detection * Builds on Exein's position as the world's largest runtime security provider, protecting over two billion devices Mar 23, 2026 Prev Next 1 of 42,872 Exein, the global leader in runtime cybersecurity, unveiled Photon, a preemptive breakthrough solution that blocks cyberattacks at the point of execution. Designed for the AI-native world - where digital and physical systems are now inseparable - Photon marks a fundamental shift in how critical infrastructure protects itself. Unlike traditional cybersecurity solutions that detect threats after compromise - typically operating in user space and relying on a cloud network - Exein's Photon operates directly inside the kernel, preventing malicious execution paths before they can run. By blocking attacks before the point of execution, the technology dramatically reduces latency and eliminates entire classes of threats before damage occurs. If malicious instructions cannot execute, the attack itself cannot take place. This advancement establishes a new category of runtime security designed for systems that cannot be disconnected: physical AI and IoT environments, autonomous AI agents, and local hybrid cloud and edge infrastructure. In these environments, from industrial robotics and critical infrastructure to AI-driven platforms, downtime is not an option, and protection must be more precise and granular, blocking malicious threats without shutting down the entire process. The announcement at the RSA Conference (RSAC) comes as cyber threats increasingly target physical systems. Last month, the Munich Security Report 2026 warned that cyber operations are now engineered to cause real-world disruption, accelerating regulatory intervention after voluntary measures failed to address systemic vulnerabilities. At the same time, the speed of attacks is accelerating dramatically: recent threat intelligence shows average attacker 'breakout times' fell to just 29 minutes in 2025, 65% faster than the previous year, driven in part by AI-assisted automation. Protecting the digital and physical in the AI era Artificial intelligence is already capable of identifying vulnerabilities in software and infrastructure. In the near future, these models will not only detect weaknesses but exploit them autonomously to launch attacks at machine speed. As the scale and sophistication of these attacks grow, traditional runtime security systems that rely on detection alone will no longer be sufficient. Photon introduces a new model of preemptive runtime security designed for this AI-driven environment. Rather than detecting attacks after they begin, it prevents malicious execution paths from running in the first place, blocking threats in real time before they can impact the system. Unlike conventional security tools that operate in user space alongside the applications they protect, Photon operates directly within the kernel, the core of the operating system. By enforcing protection at this foundational layer, rather than merely detecting and stopping attacks, it prevents them from executing in the first place - all in real time. This marks a major milestone as physical and digital systems converge, positioning Photon as a new reference architecture for securing physical AI, agent AI and cloud and hybrid infrastructure. Gianni Cuozzo, Founder and CEO of Exein, said: "In a future where the world is infinitely connected with humanoid robots walking among Aithority, local LLMs powering intelligent edges, autonomous drones reshaping mobility, and billions of new autonomous systems bridging the digital and physical realms, preemptive runtime security represents the new generation of protection, built into the very DNA of every device from the ground up. "Exein was born to make this vision a reality: transforming every connected device into a fortress of security, forging the largest decentralised immune system for digital life - cross-vendor, cross-platform, and cross-system. We stand as the first line of defence between the boundless digital world and the physical one we live in, empowering manufacturers to build inherently safe innovations and already safeguarding over 2 billion devices worldwide."