Security Engineer (Application & Platform Security)
We are seeking a Security Engineer to own and lead application and platform security across our web portals, APIs, and infrastructure. This role requires a hands on professional who can identify vulnerabilities, design security architecture, enforce compliance, and build a security first culture across teams. You will work closely with engineering, product, and leadership to ensure our systems remain resilient, compliant, and trustworthy.
Key Responsibilities
• Identify security vulnerabilities across web applications, portals, APIs, and infrastructure
• Conduct regular vulnerability assessments, penetration testing, and controlled exploitation exercises
• Design, implement, and maintain application security architecture and controls
• Develop and deploy security tools, scripts, and monitoring systems
• Manage encryption protocols for data at rest and data in transit
• Configure and maintain firewalls, IDS, and IPS systems
• Monitor systems for security incidents and respond to breaches or anomalies
• Perform risk assessments and security audits across products and departments
• Define and enforce security policies, standards, and best practices
• Report vulnerabilities clearly with remediation plans and technical recommendations
• Lead security awareness and training sessions for engineering and operations teams
• Develop and execute the organization’s long term security strategy
• Coordinate security efforts across departments and projects
• Manage security budgets, tools, and vendor relationships
• Ensure compliance with applicable data protection and security laws and standards including GDPR and India’s DPDPA
Qualifications
• Bachelor’s degree in Computer Science, Information Security, or a related field
• 3 to 7 years of experience in application security, platform security, or cybersecurity roles
• Strong experience with web application security and API security
• Hands on experience with penetration testing methodologies and tools
• Experience managing encryption standards and key management practices
• Working knowledge of network security, firewalls, IDS, and IPS systems
• Familiarity with secure SDLC and DevSecOps practices
• Prior experience working with regulated or sensitive data environments is a strong advantage
Skills and Competencies
• Strong understanding of OWASP Top 10 and modern attack vectors
• Ability to think like an attacker while designing defensive systems
• Clear documentation and reporting skills for technical and non technical stakeholders
• Practical mindset focused on risk reduction rather than theoretical security
• Ability to work independently and take ownership of security outcomes
• Leadership capability to influence teams without direct authority
What We Offer
• Ownership of security architecture across real world, high impact platforms
• Direct access to decision makers and product leadership
• Competitive compensation based on expertise and responsibility
• Long term role with scope to build and lead security initiatives at scale