Principal Security Engineer

About Us

Emeritus is committed to teaching the skills of the future by making high-quality education accessible and affordable to individuals, companies, and governments around the world. It does this by collaborating with more than 50 top-tier universities across the United States, Europe, Latin America, Southeast Asia, India and China. Emeritus short courses, degree programs, professional certificates, and senior executive programs help individuals learn new skills and transform their lives, companies and organizations. Its unique model of state-of-the-art technology, curriculum innovation, and hands-on instruction from senior faculty, mentors and coaches has educated more than 250,000 individuals across 80+ countries. Founded in 2015, Emeritus, part of Eruditus Group, has more than 2,000 employees globally and offices in Mumbai, New Delhi, Shanghai, Singapore, Palo Alto, Mexico City, New York, Boston, London, and Dubai. Following its $650 million Series E funding round in August 2021, the Company is valued at $3.2 billion, and is backed by Accel, SoftBank Vision Fund 2, the Chan Zuckerberg Initiative, Leeds Illuminate, Prosus Ventures, Sequoia Capital India, and Bertelsmann.

Key Responsibilities

Perform application security reviews, threat modeling and secure coding assessments

Implement and maintain DevSecOps pipelines to embed security into CI/CD workflows

Configure and monitor cloud security controls including IAM, network security and compliance

Conduct vulnerability assessments, penetration testing and bug bounty triage

Manage incident response and SecOps processes including detection, monitoring and remediation

Work closely with engineering teams to fix vulnerabilities and improve overall security posture

Contribute to security awareness by sharing best practices and training developers

Requirements

10+ years of hands-on security experience in AppSec, Cloud Security, DevSecOps and SecOps

Proven track record in startup or fast-paced environments.

Strong knowledge of OWASP Top 10, MITRE ATT&CK, threat modeling and secure SDLC

Experience with bug bounty programs, penetration testing or vulnerability disclosure.

Familiarity with security tools (SAST, DAST, SIEM, XDR, container security, IaC scanning)

Clear communication skills to collaborate with engineers and stakeholders

Good to Have

Certifications (OSCP, OSCE, CCSP)

Exposure to leading security practices in early-stage companies