Product Security Engineer

We are looking for a

Security Engineer

with 7+ years of strong experience in

coding

and

automation

skills to join our Product team. This role involves embedding

security practices

throughout the software development lifecycle, driving secure design, and ensuring our product platforms meet the highest security standards. You will work closely with developers, architects, and DevOps engineers to proactively identify, mitigate, and remediate security vulnerabilities.

Required Professional and Technical Expertise:

* Perform application security assessments, code reviews, and threat modeling for new features and releases. * Develop secure coding guidelines, automation tools, and scripts to enhance security posture. * Integrate security checks into CI/CD pipelines (SAST, DAST, Twist log etc.). * Analyze and remediate vulnerabilities across cloud, APIs, and backend services. * Work with the DevOps and SRE teams to ensure secure infrastructure configurations and compliance. * Collaborate with product and engineering teams on security process, development, and deployment phases. * Conduct incident response and root cause analysis for security events related to product environments. * Partner with QA and platform teams to ensure secure release readiness. * Keep up-to-date with emerging threats, attack vectors, and mitigation techniques. * Strong Knowledge on PSIRT process * Proficiency in one or more programming languages: Python, Go lang. * Strong understanding of web application security, API security. * Hands-on experience with SAST, DAST, SCA tools (e.g., SonarQube, Twistlock, Mend SCA , Detect secret, Zap etc.). * Experience with cloud security (AWS / Azure / GCP) and containerized environments (Docker, Kubernetes). * Familiarity with CI/CD pipelines and integrating security controls in DevOps workflows. * Knowledge of authentication and authorization frameworks * Strong analytical and problem-solving skills with attention to detail.

Preferred Professional and Technical Expertise * Experience in SaaS or Product-based environments. * Knowledge of security automation, policy-as-code, or custom tooling development. * Relevant certifications (e.g., OSCP, CEH, GCP/AWS Security Specialty, CISSP) are a plus.