Founded in 2014, Circles is a global technology company reimagining the telco industry with its innovative SaaS platform, empowering telco operators worldwide to effortlessly launch innovative digital brands or refresh existing ones, accelerating their transformation into techcos.
Today, Circles partners with leading telco operators across multiple countries and continents, including KDDI Corporation, Etisalat Group (e&), AT&T, and Telkomsel, creating blueprints for future telco and digital experiences enjoyed by millions of consumers globally.
Besides its SaaS business, Circles operates three other distinct businesses:
- Circles.Life: A wholly-owned digital lifestyle telco brand based in Singapore, Circles.Life is powered by Circles SaaS platform and pioneering go-to-market strategies. It is the digital market leader in Singapore and has won numerous awards for marketing, customer service, and innovative product offerings beyond connectivity.
- Circles Aspire: A global provider of Communications Platform-as-a-Service (CPaaS) solutions. Its cloud-based Experience Cloud platform enables enterprises, service providers and developers to deliver and scale mobile, messaging, IoT, and connectivity services worldwide.
- Jetpac: Specializing in travel tech solutions, Jetpac provides seamless eSIM roaming for over 200 destinations and innovative travel lifestyle products, redefining connectivity for digital travelers. Jetpac was awarded Travel eSIM of the Year.
Circles is backed by renowned global investors, including Peak XV Partners (formerly Sequoia), Warburg Pincus, Founders Fund, and EDBI (the investment arm of the Singapore Economic Development Board), with a track record of backing industry challengers.
Standardized Job Title: Senior Engineer, Security Engineering
Role: Senior Security Engineer (Offensive Security)
Location: Bangalore
About This Role
As a Senior Security Engineer (Offensive Security) you will be given a unique opportunity to solve security challenges in our Cloud environments and work on high impact projects.
As a subject matter expert for Offensive Security, you will be responsible for:
- Conduct deep-dive penetration testing across our Web, API, and Mobile (iOS/Android) platforms.
- Bridge the gap between discovery and remediation by collaborating with developers to provide actionable insights, ensuring every vulnerability found is a lesson learned.
- Collaborate with the engineering teams, ensuring robust security is baked into the SDLC from the initial requirements phase through to deployment.
- Create the feedback loop with the engineering team to ensure the gaps discovered through penetration testing is fixed
- Drive the standardization of security best practices across our Cloud Infrastructure
(AWS/GCP/Kubernetes) and fine-tune edge defenses like WAF to neutralize zero-day threats.
- Stay ahead of the curve by leveraging and building AI/ML-driven solutions to automate continuous penetration testing and identify emerging attack vectors in LLM integrations.
- Drive standardization of best practices across all aspects of SDLC and Cloud Security
- Identify potential gaps in existing environments, areas to improve our security posture by comparing against the baseline security standards
What are we looking for
- 610 years of experience in Cyber Security with a heavy focus on offensive operations and penetration testing.
- Strong expertise in penetration testing of Web, API and Mobile application platforms
- Deep mastery of API-based architectures and OWASP ASVS frameworks
- Hands-on experience penetration testing modern authentication and authorization mechanisms, including JWT , OAuth2, and Auth0.
- Proven ability to manually exploit and automate tests for XSS, Injection, Hijacking, and complex logic flaws in payment gateways or authentication flows.
- Experience in automating penetration testing test cases to enable continuous testing
- Proficient in at least one language (Python, Java, or JavaScript) with a passion for automation to focus on high-value manual exploitation.
- Specific knowledge of the OWASP Top 10 for LLM Applications and experience using AI to security test the workflows.
- Hands-on experience securing Cloud and Kubernetes environments. You should be comfortable navigating microservices and containerized workloads.
- Prior experience of offensive security testing and navigating the unique security challenges of an ecommerce or digital telco platform will be an advantage
- Passion for security, a practical and balanced approach to security issues
- Knowledge and deep understanding of security engineering best practices.
- Critical thinker, good communicator and problem-solving skills.
Circles is committed to a diverse and inclusive workplace. We are an equal opportunity employer and do not discriminate on the basis of race, national origin, gender, disability or age.
Data Protection and Privacy Statement
By submitting an application for this position, you, as the applicant, or your authorised representative(s), consent to
Circles Candidate Data Protection and Privacy Policy. You also agree to the collection, use, and/or disclosure of your personal data by us solely for recruitment purposes as specified in the Policy. You acknowledge that you have read and understood the Policy, are aware of your rights regarding your personal data, and accept the terms relating to international data transfers, where applicable. You further understand that you may withdraw consent at any time, which may affect our ability to consider your application. In instances where your personal data or application is submitted by a third party, it is understood that such third party has been duly authorised by you to disclose the relevant personal data and provide consent on your behalf, and that you have been made aware of this Policy.
To all recruitment agencies: Circles will only acknowledge resumes shared by recruitment agencies if selected in our preferred supplier partnership program.
Please do not forward resumes to our jobs alias, Circles, employees or any other company location. Circles will not be held accountable for any fees related to unsolicited resumes not uploaded via our ATS.
