By Career Board
December 14, 2025
Are you tired of just staring at logs all day? You know the feeling. You sit in a SOC (Security Operations Center), watching alerts pop up, ticking boxes, and feeling like a glorified sophisticated alarm clock. You want to build security, not just clean up the mess after it’s broken. You want to be the one telling the architects, "No, we can’t do that because it will expose our data."
If you are ready to stop being a "ticket closer" and start being a "security consultant," this role at Infosys is your exit ticket. It’s not about hacking; it’s about designing. It’s about being the voice of authority in the room when big cloud projects are being built. Ready to make the switch?
✅ Escape the "Shift Work" Trap:
Most security jobs at the 1-6 year mark are operational. You work night shifts monitoring firewalls. This role is different. It is an Information Security Engineer role, but if you look closer at the responsibilities, it’s actually a "Security Consultant" position. You are reviewing requirements, attending meetings, and planning architectures. This moves you away from the 24/7 support grind and into a 9-to-5 strategic career path.
✅ Multi-Cloud Mastery (Paid to Learn):
The Job Description (JD) explicitly asks for "Cloud Security" without locking you into just one vendor. They mention AWS and Azure. In most companies, you are forced to pick a lane. Here, you get to work on both. Infosys has massive clients using hybrid clouds. You will likely work on a project where the database is on Azure and the app is on AWS. Learning how these two talk to each other securely is a rare skill that pays huge dividends later.
✅ Soft Skills that Pay the Bills:
This might sound boring, but it’s where the money is. The JD stresses "Coordination," "Communication," and "Minutes of Meetings." This means you are client-facing. You aren't hidden in a server room. You are talking to project managers. Learning how to translate "Technically this port is open" into "Business-wise, we are about to lose a million dollars" is the skill that gets you promoted to CISO (Chief Information Security Officer) one day.
Category | Details |
Role | Information Security Engineer |
Location | Bangalore, Karnataka (Likely Hybrid) |
Eligibility | Bachelor of Engineering (1-6 Years Experience) |
Service Line | Information Security Group (ISG) |
Ref Code | INFSYS-EXTERNAL-227529-2 |
✅ Escape the "Shift Work" Trap:
Most security jobs at the 1-6 year mark are operational. You work night shifts monitoring firewalls or responding to Phishing emails. This role is different. While the title is Information Security Engineer, the responsibilities describe a "Security Consultant" position. You are reviewing requirements, attending meetings, and planning architectures. This moves you away from the 24/7 support grind and into a strategic career path where you work with your brain, not just your reflexes. You get your weekends back, and you get to sleep at night.
✅ Multi-Cloud Mastery (Paid to Learn):
The Job Description (JD) explicitly asks for "Cloud Security" without locking you into just one vendor. They mention AWS and Azure. In most product companies, you are forced to pick a lane. Here, you get to work on both. Infosys has massive clients using hybrid clouds. You will likely work on a project where the database is on Azure and the app is on AWS. Learning how these two talk to each other securely is a rare skill that pays huge dividends later. You are essentially getting paid to learn the skills that are most in-demand right now.
✅ Soft Skills that Pay the Bills:
This might sound boring, but it’s where the money is. The JD stresses "Coordination," "Communication," and "Minutes of Meetings." This means you are client-facing. You aren't hidden in a server room. You are talking to project managers and directors. Learning how to translate "Technically this port is open" into "Business-wise, we are about to lose a million dollars" is the exact skill that gets you promoted to CISO (Chief Information Security Officer) one day. This role forces you to become a better communicator, which is the secret sauce for moving into management.
Category | Details |
Role | Information Security Engineer |
Location | Bangalore, Karnataka (Likely Hybrid) |
Eligibility | Bachelor of Engineering (1-6 Years Experience) |
Service Line | Information Security Group (ISG) |
Ref Code | INFSYS-EXTERNAL-227529-2 |
Key Certs | AWS Security, Azure AZ-500, CCSK (Preferred) |
What You Will Actually Do:
Forget the movie hacker stuff. You won't be in a hoodie typing green text on a black screen. Your day starts with a calendar full of "Architecture Review" meetings. A project team will come to you and say, "Hey, we are building a new HR portal on AWS."
Your job is to play the "Bad Cop" in a nice way. You will look at their diagrams. You will ask, "Where are you storing the passwords? Why is this server accessible from the public internet? Do you really need admin access for everyone?" You will catch mistakes on paper before they become breaches in production. After the meeting, you will write the "Minutes of Meeting" (MoM) to document exactly what they need to fix. You are the safety inspector of the software world. You are the gatekeeper ensuring that speed doesn't compromise safety.
How You Can Succeed in the First 90 Days:
Month 1: Don't try to change the world. Focus on the process. Learn how Infosys documents risk. Learn their specific templates for "Risk Assessment." If you mess up the paperwork, you mess up the job. Find out who the key stakeholders are.
Month 2: Pick one cloud platform (AWS is usually the biggest) and get deep into its security services. Understand "Security Groups" and "IAM Roles" inside out. These will be 80% of your findings. Start tagging along with senior engineers to see how they handle pushback from developers.
Month 3: Start speaking up. In meetings, don't just take notes. Ask one hard question per meeting. "What happens if this database fails?" This shows you are thinking like an engineer, not a scribe.
Why This Role is a Stepping Stone:
Two years in this role gives you the "Architect" label. You can easily pivot to a "Cloud Security Architect" role at a product company or a bank. Those roles often pay 30-40% more than standard security engineering roles because you have proven you can handle people and governance, not just firewalls. This is the bridge that takes you from a technical doer to a high-level planner.
This is not a coding interview. They won't ask you to reverse a linked list or write a complex algorithm. They will ask you how you secure infrastructure and how you handle people.
Where to Practice (Actionable Advice):
Labs: Use Whizlabs or A Cloud Guru sandboxes. You need to know where the buttons are in the AWS console. You need to have "muscle memory" of creating a secure VPC.
Mock Scenarios: Practice explaining a security risk to your mom or a non-tech friend. If you can't explain why "SQL Injection" is bad without using jargon, you will fail the "Communication" part of this interview.
Diagramming: Grab a piece of paper and practice drawing a 3-tier architecture (Web, App, DB). Mark where the firewalls go. Mark where the load balancers go. This helps you visualize the questions they will ask.
You cannot walk into this interview without knowing these six concepts. We have selected specific videos that cover exactly what you need.
Concept 1: CICS Pseudo-Conversational Programming
Focus: COMMAREA, EIBCALEN, RETURN IMMEDIATE, and the difference between Conversational vs. Pseudo-Conversational.
📺 Master Class Video: CICS Pseudo Conversation Program Preparation
Infosys technical panels almost always ask, "How do you handle data between transactions?" This 1-hour 40-minute session is a true masterclass. It doesn't just define the concept; it walks through the code structure, the DFHCOMMAREA, and how to effectively design a screen that doesn't lock up the system resources (a critical Infosys performance criteria).
Concept 2: DB2 Performance & Locking Strategies
Focus: ISOLATION LEVELS (CS, RR, UR), LOCKSIZE, Deadlocks vs. Timeouts, and EXPLAIN plan interpretation.
📺 Master Class Video: Db2Night Show #z102: Db2 z/OS Best Developer Features
While typical tutorials cover SELECT *, this video covers what a Senior Developer at Infosys needs to know: performance. It dives into how the optimizer works and the developer features that help avoid production slowdowns. Watching this helps you answer the "How do you tune a slow-running query?" question with confidence.
Concept 3: JCL Production Support & Debugging
Focus: S0C7, S0C4, S322 Abends, Restart Logic (RESTART=STEP), and COND parameters.
📺 Master Class Video:
This near 2-hour video is exhaustive. For an Infosys role, you aren't just writing new JCL; you are fixing broken JCL. This video covers the nuances of DISP parameters and GDG versions that often cause batch failures in production environments.
Concept 4: COBOL Subroutines (Static vs. Dynamic Calls)
Focus: CALL 'SUBPROG' vs. CALL IDENTIFIER, Load Modules, Link-Edit process, and Impact on maintenance.
📺 Master Class Video: COBOL - SUB PROGRAMS - STATIC AND DYNAMIC CALL
This is a classic "Infosys Trick Question." They will ask, "If I change a subprogram, do I need to recompile the main program?" This 1-hour lecture demonstrates the memory differences and the compilation lifecycle (Load Module management) so you can explain exactly why a Static call requires a relink while a Dynamic call does not.
Concept 5: VSAM Architecture & Splits
Focus: CI/CA Splits, FREESPACE, IDCAMS commands (REPRO, ALTER, DEFINE), and Alternate Indexes (AIX).
📺 Master Class Video: VSAM Refresher in 30 Minutes
Infosys loves asking about "Control Interval Splits." This video provides a dense, high-speed breakdown of the VSAM structure (KSDS/ESDS) and the critical IDCAMS utility commands you will use to fix corrupted datasets or manage space in a production batch window.
Concept 6: Mainframe Production Support Lifecycle
Focus: SLA Management, Incident Triage, Job Scheduling (Control-M/CA-7 basics), and Root Cause Analysis.
📺 Master Class Video: Mainframe Production Support Webinar 1
Many Infosys Mainframe projects are "Maintenance & Support." This 1-hour 15-minute webinar is rare because it teaches the process of support—how to prioritize a ticket, how to communicate during an outage, and how to analyze a job log from a "fix it now" perspective rather than a "developer" perspective.
❓ Technical: "What is the difference between a Security Group and a Network ACL in AWS? Which one blocks traffic by default?"
❓ Scenario: "A project manager wants to go live tomorrow, but you found a critical vulnerability. They are pressuring you to sign off because delaying will cost money. What do you do?" (Hint: The answer is 'Document the risk, escalate to leadership, and never just sign off'.)
❓ Technical: "Explain the concept of 'Shared Responsibility Model' in the cloud. Who is responsible for patching the OS in EC2 vs. RDS?"
❓ Behavioral: "Tell me about a time you had to explain a complex security issue to a non-technical person. How did you make them understand?"
❓ Role Specific: "How do you stay updated with the latest security threats? Name one recent vulnerability (like Log4J) and how you would fix it."
❓ Bonus: "If we have a hybrid setup (On-premise + Cloud), how do we secure the connection between them?" (Expected answer: VPN or Direct Connect).
❓ Advanced: "What is the difference between Symmetric and Asymmetric encryption, and where would you use each in a web application?"
Infosys is often called a "mass recruiter," but their specialized units like the Information Security Group (ISG) are hidden gems. This is a center of excellence. You aren't just a number here; you are part of a specialized task force that protects the entire organization and its global clients. The exposure you get here is massive because Infosys works with almost every major industry—banking, retail, healthcare, and automotive.
Unmatched Learning Budget:
Infosys has deep partnerships with Microsoft, AWS, and Google. This often gives their employees free access to certification vouchers and training platforms that would cost you thousands of dollars on your own. They have an internal platform called "Lex" which is fantastic for learning. If you are smart, you can rack up 3-4 expensive certifications (like AZ-500 or AWS Security Specialty) in your first year on their dime.
Stability in a Shaky Market:
The tech market is volatile right now. Startups are firing people left and right. Infosys has cash reserves and long-term contracts with Fortune 500 companies. This job offers a "safe harbor" where you can build your skills without worrying if your paycheck will clear next month. It gives you the peace of mind to focus on your career growth.
Q: Do I need to be a coding expert?
A: No. You need to read code (scripts, JSON policies) to understand what it does, but you won't be writing software applications from scratch. Basic scripting (Python/Bash) helps for automation, but isn't the main job.
Q: Is this a 24/7 rotational shift job?
A: The JD doesn't mention shifts, which usually implies a General Shift (9-6). However, because you are coordinating with global teams/clients, you might have occasional late evening calls to sync with US or UK teams.
Q: I have 1 year of experience in IT support. Can I apply?
A: Yes, but you need to tailor your resume. Highlight any time you managed user access (Active Directory), configured a firewall, or patched a server. Show you have the "Security Mindset."
Q: What is the salary range for this role?
A: While not listed, for 1-6 years of exp in Bangalore, Infosys typically pays between 5 LPA to 12 LPA depending heavily on your previous package and interview performance.
Q: Is this role remote?
A: Most likely hybrid. Infosys Bangalore usually requires employees to come to the office 2-3 days a week.
🔥 Urgent Notice: Infosys closes requisitions fast once they have enough resumes. Don't wait for the weekend.
👉 CLICK HERE TO: Apply now
📢 Pro Tip: Before you apply, go to your LinkedIn profile and add "Cloud Security" to your headline. Recruiters search by headline!
Similar to this post
Browse by category.
Recommended opportunities
