4,592 Security Engineer jobs in India
Security Engineer
Posted 1 day ago
Job Viewed
Job Description
+ Design / Develop Self-Service portals (UI), security central websites using Angular JS, React JS, Backstage and backed APIs using Java or Python
+ Develop CI-CD pipelines on Tekton and deploy to GCP cloud
+ Work with product managers, SMEs, anchors to create prototypes, perform PoCs
+ Collaborate with Platform vendors to understand their APIs, integration patterns to automate deployments / manual tasks.
+ Automate testing using Playwright, postman
+ Work with various infrastructure and application support teams to provide technical direction and address security issues.
+ Design, test, and implement security policies for critical Enterprise Infrastructure.
+ Automate repeatable tasks and workflows to improve process efficiency by developing APIs/scripts and deploying to the cloud.
+ Implement SRE for Platform services, capabilities/features to achieve availability and reliability.
+ A relevant Bachelor's or Master's Degree in engineering/computer applications
+ 2+ years of experience in UI (Angular JS, React, Backstage) and API development (Python Flask or FastAPI or Java)
+ 2+ years of Experience in development of CI-CD pipelines
+ 2+ years of experience with GCP or Azure or AWS cloud and configuring infrastructure using infrastructure-as-a-code libraries like Terraform, Ansible, etc.
+ 2+ years of experience as a Security Engineer with a focus on using tools like MS Defender, Proofpoint for Email Security, UEBA
+ Experience working in an Agile development environment.
+ Knowledge of cybersecurity principles, practices, and technologies.
**Requisition ID** : 47868
Security Engineer
Posted 1 day ago
Job Viewed
Job Description
Are you ready to accelerate your potential and make a real difference within life sciences, diagnostics and biotechnology?
At Cytiva, one of Danaher's ( 15+ operating companies, our work saves lives-and we're all united by a shared commitment to innovate for tangible impact.
You'll thrive in a culture of belonging where you and your unique viewpoint matter. And by harnessing Danaher's system of continuous improvement, you help turn ideas into impact - innovating at the speed of life.
Working at Cytiva means being at the forefront of providing new solutions to transform human health. Our incredible customers undertake life-saving activities ranging from fundamental biological research to developing innovative vaccines, new medicines, and cell and gene therapies.
At Cytiva you will be able to continuously improve yourself and us - working on challenges that truly matter with people that care for each other, our customers, and their patients. Take your next step to an altogether life-changing career.
Learn about the Danaher Business System ( which makes everything possible.
The Security Engineer works with the architecture and risk management teams to design, implement, and operationalize secure systems, applications, and infrastructure. Key tasks include threat modeling, design reviews, risk assessment, deploying security technologies, integrating security throughout the development lifecycle, and ensuring compliance with security standards and regulations.
This position reports to the Director of Information Security APAC and is part of the Global Information Security team, which is located in Bengaluru. It will be an on-site role covering multiple countries across the world. At Cytiva, our vision is to advance future therapeutics from discovery to delivery.
What you will do:
+ Assist in developing and implementing secure architecture designs.
+ Perform threat modeling and support security risk assessments.
+ Participate in security design reviews across various environments.
+ Implement enterprise security technologies (e.g., Identity and Access Management (IAM), Data Loss Prevention (DLP), Mobile Device Management(MDM).
+ Ensure alignment with regulatory compliance and audit requirements.
Who you are:
+ Bachelor's degree in computer science, Information Security, Cyber Security or a related discipline.
+ At least 5+ years of experience in security engineering or architecture
+ Threat modeling, risk assessment, and security architecture principles.
+ Experience with security technologies (IAM, SIEM, EDR, DLP, MDM).
+ Familiarity with cloud technologies (e.g., AWS, Azure, GCP) and cloud security best practices.
Must be objective and measurable, eg. education, years of experience per GCRF job leveling guidelines (do not cap years of experience), specific systems proficiency or industry experience. Do not include soft skills.
Travel, Motor Vehicle Record & Physical/Environment Requirements:
+ Ability to travel across the world up to 10% of the time.
It would be a plus if you also possess previous experience in:
+ Conducting security design reviews for infrastructure, applications, and cloud environments.
+ Implementing security standards and secure design patterns in alignment with frameworks like ISO 27001, NIST, and CIS Controls.
+ Provide technical security advisory support to project teams and ensure compliance with regulatory standards.
Cytiva, a Danaher operating company, offers a broad array of comprehensive, competitive benefit programs that add value to our lives. Whether it's a health care program or paid time off, our programs contribute to life beyond the job. Check out our benefits at Danaher Benefits Info ( .
Join our winning team today. Together, we'll accelerate the real-life impact of tomorrow's science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life.
For more information, visit .
Security Engineer
Posted 1 day ago
Job Viewed
Job Description
Are you ready to accelerate your potential and make a real difference within life sciences, diagnostics and biotechnology?
At Cytiva, one of Danaher's ( 15+ operating companies, our work saves lives-and we're all united by a shared commitment to innovate for tangible impact.
You'll thrive in a culture of belonging where you and your unique viewpoint matter. And by harnessing Danaher's system of continuous improvement, you help turn ideas into impact - innovating at the speed of life.
Working at Cytiva means being at the forefront of providing new solutions to transform human health. Our incredible customers undertake life-saving activities ranging from fundamental biological research to developing innovative vaccines, new medicines, and cell and gene therapies.
At Cytiva you will be able to continuously improve yourself and us - working on challenges that truly matter with people that care for each other, our customers, and their patients. Take your next step to an altogether life-changing career.
Learn about the Danaher Business System ( which makes everything possible.
The Security Engineer works with the architecture and risk management teams to design, implement, and operationalize secure systems, applications, and infrastructure. Key tasks include threat modeling, design reviews, risk assessment, deploying security technologies, integrating security throughout the development lifecycle, and ensuring compliance with security standards and regulations.
This position reports to the Director of Information Security APAC and is part of the Global Information Security team, which is located in Bengaluru. It will be an on-site role covering multiple countries across the world. At Cytiva, our vision is to advance future therapeutics from discovery to delivery and will be on Europe shift(1pm - 9pm).
What you will do:
+ Assist in developing and implementing secure architecture designs.
+ Perform threat modeling and support security risk assessments.
+ Participate in security design reviews across various environments.
+ Implement enterprise security technologies (e.g., Identity and Access Management (IAM), Data Loss Prevention (DLP), Mobile Device Management(MDM).
+ Ensure alignment with regulatory compliance and audit requirements.
Who you are:
+ Bachelor's degree in computer science, Information Security, Cyber Security or a related discipline.
+ At least 5+ years of experience in security engineering or architecture
+ Threat modeling, risk assessment, and security architecture principles.
+ Experience with security technologies (IAM, SIEM, EDR, DLP, MDM).
+ Familiarity with cloud technologies (e.g., AWS, Azure, GCP) and cloud security best practices.
Must be objective and measurable, eg. education, years of experience per GCRF job leveling guidelines (do not cap years of experience), specific systems proficiency or industry experience. Do not include soft skills.
Travel, Motor Vehicle Record & Physical/Environment Requirements:
+ Ability to travel across the world up to 10% of the time.
It would be a plus if you also possess previous experience in:
+ Conducting security design reviews for infrastructure, applications, and cloud environments.
+ Implementing security standards and secure design patterns in alignment with frameworks like ISO 27001, NIST, and CIS Controls.
+ Provide technical security advisory support to project teams and ensure compliance with regulatory standards.
Cytiva, a Danaher operating company, offers a broad array of comprehensive, competitive benefit programs that add value to our lives. Whether it's a health care program or paid time off, our programs contribute to life beyond the job. Check out our benefits at Danaher Benefits Info ( .
Join our winning team today. Together, we'll accelerate the real-life impact of tomorrow's science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life.
For more information, visit .
Security Engineer
Posted 2 days ago
Job Viewed
Job Description
**Location:** India (Bangalore )
**Department:** PD&T
**Reports To:** Business Information Security Officer/Liaison
**Job Type:** Full-Time
**Job Overview:**
The **Security Engineer** will play a critical role in ensuring the security, compliance, and resilience of applications and infrastructure across the organisation. This role is responsible for integrating security controls from the early stages of the Software Development Lifecycle (SDLC), overseeing security tool onboarding, and ensuring adherence to cybersecurity policies. Key responsibilities include identifying and mitigating security risks, implementing DevSecOps best practices, securing cloud environments, and enhancing automation within CI/CD pipelines. Additionally, the Security Engineer monitors vulnerabilities, drives risk management initiatives, and supports governance processes to align with Cybersecurity paved road services.
**Key Responsibilities:**
Ensure compliance with critical security requirements, including CMDB updates, access control, threat modelling, WAF implementation, secrets management, and penetration testing, to secure cybersecurity approval before go-live.
Lead security tool onboarding, infrastructure management, application log monitoring, and data security to uphold organisational security standards.
Collaborate with application product teams from the early stages of the SDLC to define and implement security controls, conducting comprehensive architecture reviews.
Assist development teams in integrating security tools and agents to achieve full coverage, including SCA, SAST, DAST, container scanning, IaaC, and infrastructure security.
Strengthen the security of containers, Kubernetes, and microservices.
Serve as a technical support and IAM administrator, overseeing user roles, permissions, and service accounts for data lake projects on GCP.
Identify and assess security risks, document them in risk registers, and work with the Governance, Risk, and Compliance (GRC) team to drive risk mitigation or acceptance.
Deliver comprehensive security and compliance solutions through DevSecOps, covering risk assessment, mitigation strategies, vulnerability management, and patch management.
Strong understanding of automation, scripting, and DevOps pipeline integration.
Integrate security tools into CI/CD pipelines to enable automated vulnerability detection and resolution.
Enforce quality gates in blocking mode for critical and high vulnerabilities to ensure secure deployments.
Implement the Secure Software Development Lifecycle (S-SDLC) for applications hosted across AWS and Azure in multiple regions.
Monitor and analyse vulnerability scan reports, conducting false-positive assessments to enhance risk management accuracy.
Provide administrative and product support to internal and external users for security-related concerns.
Maintain and enhance the security posture of both legacy and business-as-usual (BAU) applications to ensure continuous compliance.
Lead cross-functional teams to foster secure and compliant product lifecycles while optimising security processes.
Develop and maintain JIRA dashboards to monitor security requirements and track project progress.
Generate weekly security dashboards and scorecards, offering leadership clear insights into application security status.
Self-motivated and proactive, with the ability to take initiative, work independently, and engage with stakeholders across multiple time zones as needed.
**Qualifications:**
**Education:** Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.
**Experience:**
4+ years of experience in cybersecurity, DevSec Ops or related fields.
2+ years of experience of leading the project or similar task within a security focused role.
Proven track record of aligning security strategies with business objectives.
**Certifications:** Relevant certifications such as CISSP, CISM, CRISC, CISA or equivalent are highly desirable but not required.
**Skills:**
**Technical Expertise:** Strong understanding of cybersecurity frameworks, CI/CD pipelines, technologies, and best practices.
**Business Acumen:** Ability to understand and align with the business's strategic objectives and challenges.
**Communication:** Excellent verbal and written communication skills, with the ability to translate technical concepts into business language.
**Problem-Solving:** Strong analytical and problem-solving skills, with a proactive approach to identifying and mitigating risks.
**Relationship Management:** Ability to build strong relationships with stakeholders and various teams, fostering trust and collaboration.
**Preferred Qualifications:**
Experience in coding, automation, cloud security, and DevOps practices is highly desirable.
Knowledge of regulatory requirements relevant to the industry, such as GDPR, HIPAA, PCI-DSS, etc.
Familiar with various NIST frameworks including NIST, NIST 800-30 and NIST RMF.
Experience working in a matrixed organization with multiple lines of business.
**Key Attributes:**
**Proactive & Self-Driven** - Takes initiative, works independently, and engages stakeholders without requiring supervision.
**Technical Expertise** - Strong knowledge of security tools, cloud security, DevSec Ops, and automation.
**Risk & Compliance Focused** - Ensures alignment with cybersecurity policies, governance frameworks, and regulatory requirements.
**Effective Stakeholder Management** - Collaborates with cross-functional teams and communicates security risks clearly.
**Adaptable & Solution-Oriented** - Quickly addresses security challenges and supports multiple time zones as needed.
**What We Offer:**
Competitive salary and benefits package.
Opportunities for professional development and growth.
A collaborative, inclusive work environment where your ideas and contributions are valued.
**How to Apply:**
Interested candidates should submit their resume and a cover letter detailing their experience and qualifications for the role to (Insert Application Method)
**Who we are:**
At Pearson, our purpose is simple: to help people realize the life they imagine through learning. We believe that every learning opportunity is a chance for a personal breakthrough. We are the world's lifelong learning company. For us, learning isn't just what we do. It's who we are. To learn more: We are Pearson.
Pearson is an Equal Opportunity Employer and a member of E-Verify. Employment decisions are based on qualifications, merit and business need. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status or any other group protected by law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.
If you are an individual with a disability and are unable or limited in your ability to use or access our career site as a result of your disability, you may request reasonable accommodations by emailing
**Job:** Engineering
**Job Family:** TECHNOLOGY
**Organization:** Enterprise Learning & Skills
**Schedule:** FULL_TIME
**Workplace Type:** Hybrid
**Req ID:** 20322
Security Engineer
Posted 4 days ago
Job Viewed
Job Description
As a member of the Huron corporate team, you'll help to evolve our business model to stay ahead of market forces, industry trends and client needs. Our accounting, finance, human resources, IT, legal, marketing and facilities management professionals work collaboratively to support Huron's collective strategies and enable real transformation to produce sustainable business results.
Join our team and create your future.
Under limited direction, this individual is responsible for identifying and fixing Security issues ensuring a Secure environment for Huron. The Individual is responsible for monitoring Huron's computer networks for security issues, install security software, and document any security issues or breaches found. This role requires the candidate to work collaboratively with other teams in the Corporate function that includes Network, Storage and other Infrastructure teams. As this role necessitates a lot of communication with the Onsite and Offshore team, Good Verbal and written communication is required.
**Requirements:**
+ Bachelor's degree in Computer Science, Information Technology, or a related field.
+ Strong technical knowledge in areas such as Threat Intelligence, DDOS, Security Monitoring, and SIEM tools.
+ Hands-on experience in vulnerability management, patching (OS & applications), and remediation practices.
+ Proficiency in TCP/IP, networking concepts, and security technologies (e.g., firewalls, proxies, antivirus, IDPS).
+ Experience with event correlation, incident response, and malware/threat analysis.
+ Strong scripting skills and ability to automate security processes.
+ Excellent communication skills and ability to work collaboratively in high-pressure situations.
**Preferences:**
+ Master's degree in Information Systems or a related field.
+ SIEM, Networking/Router, or Vulnerability Management Tool certifications/training.
+ Exposure to data center or cloud security environments (certifications are a plus).
+ Experience in penetration testing and security assessments.
+ Familiarity with implementing and managing VPNs, secure gateways, and encrypted communications.
+ Proven ability to conduct security research and recommend effective enhancements.
+ Demonstrated passion for cybersecurity and a strong drive to stay updated with industry trends.
**Position Level**
Senior Analyst
**Country**
India
At Huron, we're redefining what a consulting organization can be. We go beyond advice to deliver results that last. We inherit our client's challenges as if they were our own. We help them transform for the future. We advocate. We make a difference. And we intelligently, passionately, relentlessly do great work.together.
Are you the kind of person who stands ready to jump in, roll up your sleeves and transform ideas into action? Then come discover Huron.
Whether you have years of experience or come right out of college, we invite you to explore our many opportunities. Find out how you can use your talents and develop your skills to make an impact immediately. Learn about how our culture and values provide you with the kind of environment that invites new ideas and innovation. Come see how we collaborate with each other in a culture of learning, coaching, diversity and inclusion. And hear about our unwavering commitment to make a difference in partnership with our clients, shareholders, communities and colleagues.
Huron Consulting Group offers a competitive compensation and benefits package including medical, dental, and vision coverage to employees and dependents; a 401(k) plan with a generous employer match; an employee stock purchase plan; a generous Paid Time Off policy; and paid parental leave and adoption assistance. Our Wellness Program supports employee total well-being by providing free annual health screenings and coaching, bank at work, and on-site workshops, as well as ongoing programs recognizing major events in the lives of our employees throughout the year. All benefits and programs are subject to applicable eligibility requirements.
Huron is fully committed to providing equal employment opportunity to job applicants and employees in recruitment, hiring, employment, compensation, benefits, promotions, transfers, training, and all other terms and conditions of employment. Huron will not discriminate on the basis of age, race, color, gender, marital status, sexual orientation, gender identity, pregnancy, national origin, religion, veteran status, physical or mental disability, genetic information, creed, citizenship or any other status protected by laws or regulations in the locations where we do business. We endeavor to maintain a drug-free workplace.
Security Engineer
Posted today
Job Viewed
Job Description
Games24x7 is India’s leading and most valuable multi-gaming unicorn. We’re a full-stack gaming company, offering awesome game playing experiences to over 100 million players through our products - RummyCircle, India’s first and largest online rummy platform, My11Circle, the country’s fastest growing fantasy sports platform.
A pioneer in the online skill gaming industry in India, Games24x7 was founded in 2006 when two New York University trained economists Bhavin Pandya, and Trivikraman Thampy met at the computer lab and discovered their shared passion for online games. We’ve always been a technology company at heart, and over the last decade and a half, we’ve built the organisation on a strong foundation of ‘the science of gaming’, leveraging behavioural science, artificial intelligence, and machine learning to provide immersive and hyper-personalised gaming experiences to each of our players.
Backed by marquee investors including Tiger Global Management, The Raine Group, and Malabar Investment Advisors, Games24x7 is leading the charge in India’s gaming revolution, constantly innovating and offering novel entertainment to players!
Our 800+ passionate teammates create their magic from our offices in Mumbai, Bengaluru, New Delhi, Miami, and Philadelphia.
*Games24x7 is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, disability status, or any other characteristic protected by the law.*
For more information and career opportunities you may visit
Role:- Security Engineer / Senior Security Engineer
Responsibilities:
- 2-8 years relevant experience in VAPT
- Must have good understanding of at least one cloud provider. Preferably in AWS.
- Integrate SCA,SAST, DAST tools to pipelines, as per the best practices
- Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines
- Strong Scripting Experience (bash, python)
- Experience with leveraging JSON, YAML, or XML for configuration
- Experience in experience in Kali Linux and other penetration testing tools
- Experience with Information security concepts and design principles.
- Familiarity with Secure Development lifecycle.
- Continuously develops security testing services and processes.
- Performs vulnerability research to identify new, previously unknown and unpublished vulnerabilities and research and do a POC on exploit codes.
Requirements:
- This person will be involved in integration of various security tools in development.
- Devops process as part of DevSecOps.
- Penetration Testing of APIs and Web/Mobile applications.
- Working with Dev Teams on best security practices in SDLC.
Security Engineer
Posted today
Job Viewed
Job Description
About the job
About Client:
Our client is global technology consulting and digital solutions company that enables enterprises to reimagine business models and accelerate innovation through digital technologies. Powered by more than 84,000 entrepreneurial professionals across more than 30 countries it covers to over 700 clients. With its extensive domain and technology expertise helps drive superior competitive differentiation, customer experiences, and business outcomes
Job Title : Network Security
Key Skills : Network Security, Cisco ASA, Firewall Configuration, Routing Protocols, Switching Technologies, Network Troubleshooting, VPN Technologies, Network Design,
Job Locations : pune
Experience : 3 - 10
Education Qualification : Any Graduation
Work Mode : Hybrid
Employment Type : Contract
Notice Period : Immediate - 10 Days
Payroll : people prime Worldwide
Job description:
o Desired Skills (Good to have as value add to this role)
• Knowledge of Cisco Security products
• Experience in programming using python and using APIs
o Education &/ Additional Certifications
• CCNA, CCNP or equivalent
o Required Skills (Must Have and should meet all the below standards for qualifying to this role)
• Prior experience on creating Design documents, Implementation/ Change Management Plans or optimisation reports (beyond day to day routine operations) is a must. Expertise in Implement &/or design (design is must for CE3 & CE4) of one of the following - Firewall, Identity solutions, Email Security, Web Security/Proxy, Cloud Security.
• Competent hands-on experience (beyond lab) in any of the network security technologies: Firewall, Identity solutions, Email Security, Web Security/Proxy, Cloud Security.etc.
Be The First To Know
About the latest Security engineer Jobs in India !
Security Engineer
Posted today
Job Viewed
Job Description
About Brillio:
Brillio is a global digital technology consulting and solutions company, founded in 2014 , and headquartered in Dallas-Fort Worth . With a strong presence in India and other global locations, Brillio is one of the fastest-growing digital service providers, serving many Fortune 1000 clients.
Job Title: SOC Engineer – Azure Sentinel
Location: Bangalore, India (Hybrid)
Experience: 7+ years in Security Operations
Expertise: Azure Sentinel, SIEM, Incident Response
Job Description:
Brillio is seeking a skilled SOC Engineer with hands-on experience in Azure Sentinel to join our cybersecurity team. In this role, you’ll monitor, detect, and respond to security threats across enterprise environments, helping us protect mission-critical systems and data.
What You’ll Do:
- Monitor and analyze security alerts using Azure Sentinel and other SIEM tools.
- Investigate incidents, perform root cause analysis, and escalate as needed.
- Develop and fine-tune detection rules, playbooks, and automation workflows.
- Collaborate with IT and security teams to improve threat detection and response.
- Maintain documentation and ensure compliance with security policies and standards.
What We’re Looking For:
7+ years in SOC or cybersecurity roles
Strong experience with Azure Sentinel and Microsoft Defender
Knowledge of incident response, threat hunting, and log analysis
Familiarity with MITRE ATT&CK framework and KQL (Kusto Query Language)
Certifications like AZ-500 , SC-200 , or Security+ are a plus
Security Engineer
Posted today
Job Viewed
Job Description
We are looking for talented Security Engineers to join our team!
Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments. It has offices in India and Singapore.
We are experts in information security training, cyber ranges, online labs and security assessments. We have trained more than 4000+ information security professionals from more than 130+ countries across the globe through our in-person and online trainings.
We are looking for some amazing Security Engineers to join our India team at Bhopal location! If you have passion for information security, this is the right opportunity.
Who should apply:
- Very good communication skills and ability to communicate with customers.
- Good knowledge of Windows, Active Directory and/or Azure security.
- Excellent work ethics and passion to make and break stuff.
Your job will involve:
- Solve security issues and challenges for an enterprise environment.
- Running and maintaining Windows Active Directory and Azure Labs.
- Resolve lab related issues and maintain the availability.
- Solve student problems related to lab challenges.
- Monitor certification exams.
Certifications:
- CRTP is a plus.
Evaluation : Evaluation includes interviews.
Location: Bhopal
Number of positions : Multiple
Experience : 1 year and above
What do we offer:
- We offer best in the industry salary.
- Medical benefits.
Security Engineer
Posted today
Job Viewed
Job Description
Job Description: Product Security Engineer
Team: Cybersecurity
Location: Bangalore, India
About Zepto
Zepto is revolutionizing e-commerce in India. As the country's fastest-growing quick-commerce company, we deliver groceries and essentials in 10 minutes flat. This speed is not just a promise; it's the result of a complex, high-throughput technology and operations backbone that operates at an unprecedented scale.
Our environment is defined by rapid innovation, immense scale, and the challenge of solving complex problems that have never been solved before. We are building the future of commerce, and we need brilliant minds to help us build it securely.
About the Team & The Role
The Cybersecurity team at Zepto is a core part of the engineering organization. Our mission is to secure our products, platforms, and customers by embedding security into the DNA of everything we build. We aren't just a compliance function or a team that finds vulnerabilities; we are builders and problem-solvers who create foundational security solutions that allow Zepto to scale safely.
We are looking for a Product Security Engineer who thinks like an engineer first and a security expert second. This is not a traditional pentesting role. You will not just be breaking things—you will be building the tools, systems, and processes to prevent them from breaking in the first place. You will be a trusted security partner to our product and engineering teams, shaping the future of our architecture and enabling developers to ship secure code at lightning speed.
What You’ll Do (Responsibilities)
As a Product Security Engineer, you will:
- Design & Architect: Act as a security subject matter expert for engineering and product teams. Conduct in-depth architecture reviews, threat modeling, and design reviews for new features and services.
- Automate Everything: Build and implement automated security solutions within our CI/CD pipelines (DevSecOps). You will be responsible for our SAST, DAST, SCA, and secret scanning infrastructure, focusing on reducing noise and providing actionable, high-fidelity alerts to developers.
- Build Security Tooling: Identify gaps in our security posture and build custom tools and platforms to solve them. Whether it’s a framework for secure service-to-service communication or a platform for managing secrets, you will own the solution from concept to production.
- Secure Code & Dependencies: Perform deep-dive manual and automated code reviews to identify complex security flaws. Drive our Software Composition Analysis (SCA) and secret management strategies, ensuring best practices are followed across the organization.
- Lead Security Initiatives: Own and drive large-scale security initiatives across the company, such as implementing a new authentication service, rolling out a web application firewall, or hardening our cloud infrastructure.
- Share Knowledge & Innovate: Mentor engineers on secure coding practices, write technical blog posts about the novel problems you're solving, present your work at conferences, and contribute back to the open-source community.
What We’re Looking For (Qualifications)
- Engineering Mindset: A strong passion for solving complex problems with code. You are proficient in at least one programming language (e.g., Python, Go, Java, JavaScript) and are comfortable building security focused tools.
- Deep Security Expertise: A solid understanding of application security (AppSec) fundamentals. You know the OWASP Top 10 like the back of your hand but, more importantly, you understand the underlying vulnerabilities and how to mitigate them at scale.
- Hands-On Experience: Proven experience in areas like threat modeling, secure code review, and security automation. While you can perform a VAPT, you are more interested in automating the discovery and prevention of those vulnerabilities.
- DevSecOps Acumen: Experience integrating security tools into CI/CD pipelines and a strong belief in shifting security left.
- Excellent Communicator: You can clearly articulate complex security risks to both technical and non-technical audiences and can influence engineering teams without direct authority.
- Ownership & Drive: A proactive and self-driven attitude. You don't wait for tasks; you identify problems and take ownership of the solutions.
Why Join Us?
- Unparalleled Impact: Zepto is growing at an explosive rate. The solutions you build will have a direct and immediate impact on the security of millions of users and will be critical to the company's success.
- Solve for Scale: The challenges we face are unique. You won't be applying off-the-shelf solutions; you will be building for a scale and speed that few companies can match.
- Culture of Engineering: We are a tech-first company that values deep technical expertise. You will be surrounded by a world-class team of engineers to learn from and collaborate with.
- Greenfield Opportunities: Our security function is young and growing. You will have the opportunity to build things from the ground up and shape the future of our security posture.
- Growth & Learning: We encourage our team to be thought leaders. You'll have the support to write blogs, speak at events, and contribute to open-source projects that elevate both your and Zepto's reputation in the security community.
If you are an engineer who is passionate about security and wants to build resilient, scalable systems in a hyper-growth environment, we would love to hear from you.