Job Description…
- Job Title: Product Security Engineer
- Location: Ahmedabad
- Experience: 5+ Years
- Salary: 50 LPA – 60 LPA
Security Strategy & Architecture
● Define and implement the end-to-end product and infrastructure security roadmap.
● Lead threat modeling, secure design reviews, and drive adoption of security best practices across engineering.
● Evaluate and harden architecture for secure scalability in our cloud-native environment.
Offensive Security Testing
● Lead web and API penetration testing, combining automated tools and manual techniques.
● Own internal VAPT cycles—scheduling, tooling, execution, and remediation guidance.
● Champion a shift-left mindset through secure code review and training initiatives.
Source Code & Secure Development
● Build a robust static and dynamic analysis framework (e.g., Semgrep, SAST).
● Guide developers in writing secure code, review high-risk PRs, and maintain security linting pipelines.
Cloud & Infrastructure Security
● Lead AWS security architecture reviews and hardening.
● Partner with DevOps/SREs to secure CI/CD, secrets management, logging, and monitoring.
● Own identity and access management (IAM), least privilege design, and auditability.
Security Engineering & Automation
● Design and build security automation pipelines and tooling to scale your impact.
● Maintain a library of security utilities for internal developer use.
● Integrate open-source or custom tools into the SDLC (e.g., threat detection, fuzzing, SBOMs).
Incident Response & Resilience
● Establish a repeatable incident response playbook and ensure team preparedness.
● Lead root cause analysis and postmortem reviews of any security events.
Requirements
● 5+ years of experience in application security, cloud security, or security engineering roles.
● Demonstrated expertise in web application security, API security, AWS security, and secure software development.
● Hands-on experience with manual and automated pentesting, VAPT, threat modeling, and code audits.
● Strong background in scripting or software development.
● Familiarity with security frameworks and tools (e.g., Burp Suite, Semgrep, KICS, Trivy, OSQuery).
● Working knowledge of DevSecOps, CI/CD pipelines, and security tooling integration.
● Excellent communication, leadership, and cross-functional collaboration skills.
● Willingness to work onsite and closely with engineers, product managers, and leadership.