Experience: 8–12 years
Location: Bangalore - 4 days WFO, 1 day WFH
About the Company
Our client is a global cross-border payments fintech operating across 70+ markets. They enable merchants to collect payments locally through multiple payment methods, virtual accounts, and cards—without the need to set up local entities. Their platform ensures regulatory compliance, reduces transaction costs, improves FX transparency, and delivers higher authorization rates.
This is a chance to join a high-growth company and secure mission-critical payment infrastructure. You’ll help build scalable, secure systems used by thousands of global customers.
Role Overview
The Senior Security Engineer will be responsible for securing the company’s full technology stack, including AWS cloud infrastructure, Node.js and Go applications, CI/CD pipelines, and compliance workflows. You will lead major security initiatives, build automation, and strengthen defenses across cloud, application, and infrastructure layers.
Key Responsibilities (Core & Essential Only)
Cloud & Infrastructure Security
- Design and secure AWS cloud architecture across compute, storage, networking, and serverless.
- Implement defenses using AWS WAF, Shield, CloudFront, GuardDuty, Security Hub, CloudTrail.
- Secure VPC, Security Groups, NACLs, Transit Gateway, and network segmentation.
- Harden containerized workloads (Docker, EKS) and manage secrets (AWS Secrets Manager/Parameter Store).
Application Security
- Secure Node.js and GoLang microservices across CI/CD and production environments.
- Implement SAST, SCA, dependency checks, and vulnerability scanning (Semgrep, Gitleaks).
Monitoring & Incident Response
- Build monitoring and alerting frameworks using CloudWatch, CloudTrail, GuardDuty.
- Conduct periodic audits using tools like Prowler and ScoutSuite.
- Investigate incidents, automate detections, and build dashboards for visibility.
Compliance & Risk
- Support compliance for PCI DSS, GDPR, SOX, and financial regulatory requirements.
- Implement data protection controls, risk assessments, and DR/BCP practices.
Automation & DevSecOps
- Implement IaC security using Terraform/CloudFormation/CDK.
- Automate security policies, scanning, and remediation using Python/Bash.
Required Skills & Qualifications
8–12 years of experience with strong expertise in AWS cloud security.
Hands-on experience with AWS WAF, Shield, CloudFront, IAM, GuardDuty, Security Hub.
Strong understanding of application security for Node.js and Go microservices.
Experience securing Docker/EKS environments.
Strong in IaC (Terraform/CFN/CDK) and automation (Python/Bash).
Familiarity with financial regulations and compliance frameworks.
Solid understanding of network security, cryptography, IAM, and API security.
Preferred (Nice to Have)
- AWS Security Specialty, AWS Solutions Architect/DevOps, CISSP, or CCSP.
- Experience with serverless security, blockchain/Web3, or SOAR tools.
- Knowledge of service mesh security (e.g., Istio) or ML-based threat detection.
What You Bring
- Deep cloud security expertise and technical leadership.
- Ability to influence architecture and drive security initiatives end-to-end.
- Strong problem-solving skills with an automation-first mindset.
- Clear communication and ability to manage multiple projects.
Why Join?
Be part of a high-growth fintech and help secure global payment infrastructure across 70+ markets. You will build and scale security from the ground up, solve complex challenges, and be part of an exciting growth story.