Job Title

Job Title: Senior Security Engineer (Sr.SE ) Location:Bengaluru Employment Type:Full-time Team:Security EngineeringRole OverviewAs aSenior Security Engineer , you will play a key role in strengthening the company’s overall security posture across ourAI platforms, microservices, data pipelines and mobile/web products . You will design, build and automate scalable security controls that integrate seamlessly into our CI/CD pipelines and cloud infrastructure. This role demands ahands-on breaker-builderwho can balance deep technical expertise with practical risk management, while collaborating with AI, product, and DevOps teams.Key ResponsibilitiesSecurity Engineering & AutomationDesign and implementsecurity automation frameworksfor threat detection, remediation and compliance validation across cloud and application layers. Develop tools and scripts to enhance security visibility inAI model pipelines , APIs and data integrations. Integrate security controls into CI/CD workflows (SAST, DAST, SCA, IaC scanning). Worked onXDR/SIEMfor automated detection and response.Application & API SecurityPerformsecure code reviewsand threat modeling forAI microservices, REST APIs and agent frameworks . Collaborate with developers to remediate vulnerabilities and enforce secure SDLC practices. Lead periodicVAPT (Vulnerability Assessment & Penetration Testing)for web, mobile apps, Agentic AI platform and connected services. Identified and mitigated vulnerabilities such asOTP bypass ,data leaks in public GCS bucketsandsource code exposure . Cloud & Infrastructure Security Secure multi-cloud (GCP/AWS) environments using native and third-party tools. Build and maintainIaC security baselinesand automated configuration drift detection. Configure and manageWAFfor custom DDoS and bot protection. Managesecrets, IAM and container securitybest practices across production workloads. Fix misconfigurations, default credentials, and public exposures across systems like Grafana, Zookeeper, and Prometheus.AI & Data SecurityContinuously monitor for compromised datasets, credentials, and model theft attempts in deep/dark web spaces. Implementdata protection mechanismsfor AI training pipelines, model storage and inference endpoints. Evaluate and mitigateprompt injection ,model leakageanddata exfiltrationrisks in AI agents.Monitoring & Incident ResponseCollaborate with internal teams to improvethreat detection , alert triage and response automation. Monitor dark web and forums like Telegram/Russian marketplaces for leaked data, compromised credentials, and fake breach claims. Build dashboards and reports for proactive risk visibility.Security Awareness & LeadershipConduct internal security training and phishing simulations. Mentor interns and engineers on VAPT, incident response, and secure coding. Advocate for organization-wide adoption ofDMARC ,SPF , andDKIMfor email protection.Compliance & GovernanceContribute toISO 27001, SOC 2, GDPR and HIPAAsecurity controls implementation. Document policies, run internal audits and support external assessments. Manage security communications with third-party vendors (Google Security, VisitHealth, PingSafe, etc.) and ethical disclosures.Key RequirementsExperience:5-6 years in application, cloud or product security engineering. Strong programming/scriptingin Python, Go or Node.js (for automation). Deep understanding ofweb and mobile security ,OWASP Top 10 , andsecure SDLCpractices. Hands-on experience with: Cloud security (IAM, key management, configuration monitoring, threat detection and security monitoring using tools like CSPM, CASB, SIEM, etc.) IaC tools (Terraform, CloudFormation) CI/CD tools (GitHub Actions, Jenkins, GitLab CI) Strong understanding of containers (Docker, Kubernetes, EKS/GKE) Familiar withAI model securityanddata privacy principles(preferred). Knowledge ofcompliance frameworkslike ISO 27001, SOC2, NIST or GDPR. Certifications (Good to have):OSCP, GCP/AWS Security Specialty, CEH, CISSP or CKS .Soft SkillsStrong analytical and problem-solving mindset. Excellent cross-functional collaboration. Passion for innovation, automation and continuous learning.