Senior Security Engineer

We are looking for a passionate and skilled Security Engineer to join our growing fintech team. You will be instrumental in safeguarding our systems, applications, and data by leveraging open-source technologies and best practices in security engineering. If you thrive in a fast-paced, innovation-driven environment and have hands-on experience with SIEM tools, log analysis, and application security, we'd love to hear from you.

The ideal candidate should have strong experience across cloud platforms, vulnerability management programs, defensive controls, and collaboration with engineering teams. Candidates with bug bounty participation, responsible disclosure history, exploit validation experience, or other evidence of hands-on offensive depth are especially valuable because they show the ability to distinguish real-world risk from theoretical findings.

• Design, implement, and improve security controls across cloud, network, application, and infrastructure environments, including IAM, encryption, logging, segmentation, and perimeter defenses.
• Lead automation of security operations, vulnerability management, remediation tracking, reporting, and control validation using scripting and infrastructure-as-code approaches.
• Build and integrate security controls into SDLC, DevSecOps, and cloud engineering workflows to reduce risk at scale.
• Conduct or guide penetration testing, security assessments, and exploitability validation activities to verify risk and improve remediation quality.
• Review findings from scanners, pentests, threat intelligence, and bug bounty channels; validate severity, remove false positives, and prioritize remediation based on practical impact.
• Partner with infrastructure, DevOps, software engineering, and operations teams to implement secure-by-default patterns and scalable guardrails.
• Produce technical reports, dashboards, and operational insights for engineering teams and management stakeholders.
• Mentor junior engineers and contribute to security standards, playbooks, and process improvements across the organization.

• 6+ years of experience in cybersecurity with strong hands-on exposure to security engineering, cloud security, vulnerability management, or penetration testing.
• Practical experience securing AWS, Azure, or GCP environments, including IAM, access control, encryption, network protection, and security monitoring.
• Strong knowledge of security engineering principles across cloud, application, network, and infrastructure layers.
• Strong understanding of VAPT concepts, exploitability validation, and vulnerability prioritization.
• Hands-on scripting ability in Python and the ability to automate workflows, enrich security data, or modify tooling to support security operations.
• Experience with vulnerability management lifecycle, remediation coordination, and security reporting.
• Strong written and verbal communication skills for technical collaboration and stakeholder reporting.

• Bug bounty profile, responsible disclosure history, public write-ups, labs, or other evidence of offensive security depth.
• Experience with SIEM, SOAR, WAF, IDS/IPS, VPNs, and cloud-native security tooling.
• Familiarity with AI/ML-assisted security tools or risk prioritization workflows where relevant.
• Experience with Terraform, CloudFormation, Ansible, or similar automation and infrastructure-as-code tooling.
• Certifications such as OSCP, GPEN, CISSP, CCSP, AWS Security Specialty, or equivalent.