
Product Security Lead
1 day ago
Function: Product Security
Experience: 7–12 years (incl. 2+ years in a lead/ownership role)
About the role
We're looking for an Product Security Lead to embed security into our SDLC and own end-to-end VAPT remediation across our lending product suite (LOS/LMS, rules engine, analytics). You'll partner with engineering and platform teams to design, build, and operate secure-by-default products used by leading financial institutions.
What you'll do
- Own the Secure SDLC for microservices (Java/Spring Boot), Node/TypeScript backends, Angular UIs, and Android/Flutter apps—policy, standards, and release gates.
- Build and run CI/CD security controls: SAST, SCA/SBOM, secrets & IaC checks, container/image scanning; automate DAST/IAST in pipelines; enforce block-on-fail where needed.
- Drive VAPT end-to-end: scope with internal/third-party testers, triage findings, set SLAs, track remediation to closure; verify fixes and prevent regressions.
- Threat model & review designs/code for authN/Z, crypto, session management, API security, data protection/PII, and high-risk modules (payments, onboarding, documents).
- Cloud & platform security (AWS): baselines for EC2/ALB, RDS/KMS, S3 policies, network segmentation, mTLS/JWT service auth, Vault-backed secrets, and key rotation.
- Observability & governance: wire security logs to SIEM, define AppSec KPIs (MTTR, SLA adherence, gate coverage), and report risk posture to engineering leadership.
- Upskill teams: run secure coding workshops, build a "security champions" program, create playbooks/runbooks for common vulns and abuse cases.
What you'll bring
- 7–12 years in Application/Product Security, including leading Secure SDLC and VAPT remediation in a product engineering environment.
- Hands-on with SAST/SCA/DAST/IAST, code reviews, and threat modeling (e.g., STRIDE); ability to read code in Java/Spring, Node/TypeScript, and Angular.
- Prior experience in integrating security checks and gating critera with CI platform like SonarQube
- Strong grasp of OWASP Top 10, API Security Top 10, ASVS, CWE, secrets management, and CI/CD hardening.
- AWS security experience: IAM, KMS, RDS encryption, SG/WAF, CloudTrail/GuardDuty; familiarity with Docker/Kubernetes and IaC (Terraform/CloudFormation).
- Experience running vendor/3rd-party VAPT cycles and landing fixes to SLA with engineering teams.
- Awareness of compliance contexts (ISO 27001/SOC 2, RBI guidance, DPDP Act) and secure handling of PII/financial data.
- Nice to have: mobile app security (OWASP MASVS), OAuth2/OIDC, mTLS, WebAuthn/modern auth patterns; Kafka, Redis, NGINX, Consul, Vault.
- Certifications (optional, a plus): OSWE/OSCP, GWAPT/GWEB, CSSLP.
What success looks like (first 6 months)
- ≥ 95% of Critical/High findings closed within SLA across services.
- All repos behind security gates with SBOMs published; zero hard-coded secrets; baseline threat models for top services.
- Repeatable VAPT → remediation → verification loop with dashboards visible to leadership.
Why join us
- Build security for mission-critical fintech products at scale.
- High ownership, direct impact, and the chance to set the bar for product security across our stack.
- Collaborative culture with strong engineering, rapid delivery, and growth opportunities.
-
Security Product Lead
1 day ago
Chennai, Tamil Nadu, India beBeeSecurity Full time ₹ 20,00,000 - ₹ 40,00,000Product Security Lead OpportunityWe are seeking an experienced security professional to lead and strengthen our product security initiatives.
-
Product Security Lead
22 hours ago
Chennai, Tamil Nadu, India Hotfoot Technology Solutions Full timeLocation: Chennai (HQ) - Onsite Function: Product Security Experience: 7–12 years (incl. About the role We're looking for an Product Security Lead to embed security into our SDLC and own end-to-end VAPT remediation across our lending product suite (LOS/LMS, rules engine, analytics). You'll partner with engineering and platform teams to design,...
-
Product Security Strategist
3 days ago
Chennai, Tamil Nadu, India beBeeProductSecurity Full time US$ 1,25,000 - US$ 1,75,000Product Security StrategistWe are seeking an experienced Product Security Strategist to lead our product security initiatives. As a key member of our engineering team, you will be responsible for designing and implementing secure products that meet the highest standards.
-
Product Security Specialist
3 days ago
Chennai, Tamil Nadu, India beBeeSecurity Full time ₹ 1,50,00,000 - ₹ 2,50,00,000About Us:We're seeking a seasoned Security Professional to spearhead security initiatives within our organization. This individual will be responsible for integrating security into our software development lifecycle, owning end-to-end vulnerability assessment and penetration testing remediation across our lending product suite.The ideal candidate will...
-
Product Security Engineer
1 week ago
Chennai, Tamil Nadu, India Quvia Full time US$ 1,25,000 - US$ 1,75,000 per yearAbout the RoleWe're seeking a Product Security Engineer to play a critical part in building and evolving Quvia's security posture across our products' entire lifecycle. In this highly impactful role, you'll partner with product management, engineering, and operations teams to assess product risks, define secure development standards, enforce security...
-
HACLA - Security Lead - G3
4 days ago
Chennai, Tamil Nadu, India Bahwan Cybertek Group Full time ₹ 9,00,000 - ₹ 12,00,000 per yearResponsible for leading the security team and managing the overall security operations for HACLA (Housing Authority of the City of Los Angeles) Develop and implement security policies, standards, and procedures to ensure the protection and confidentiality of HACLA's information assets. Lead incident response activities, including investigation, containment,...
-
Lead IT Security Engineer
4 weeks ago
Chennai, Tamil Nadu, India Theron Solutions Full timeAbout the jobYour Primary Responsibilities:- Provide technical support for Zscaler products (ZIA, ZPA, ZDX), including troubleshooting and resolving issues.- Monitor and maintain the health and performance of Zscaler solutions.- Collaborate with support teams to understand their technical needs and provide effective solutions.- Assist in the deployment and...
-
Lead IT Security Engineer
1 day ago
Chennai, Tamil Nadu, India Theron Solutions Full timeAbout the jobYour Primary Responsibilities:Provide technical support for Zscaler products (ZIA, ZPA, ZDX), including troubleshooting and resolving issues.Monitor and maintain the health and performance of Zscaler solutions.Collaborate with support teams to understand their technical needs and provide effective solutions.Assist in the deployment and...
-
Lead IT Security Engineer
17 hours ago
Chennai, Tamil Nadu, India Theron Solutions Full timeAbout the job Your Primary Responsibilities: Provide technical support for Zscaler products (ZIA, ZPA, ZDX), including troubleshooting and resolving issues. Monitor and maintain the health and performance of Zscaler solutions. Collaborate with support teams to understand their technical needs and provide effective solutions. Assist in the deployment and...
-
Secure by Design
14 hours ago
Chennai, Tamil Nadu, India beBeeSecurity Full time ₹ 15,00,000 - ₹ 25,00,000Job Title:Product Security SpecialistLocation:Chennai (HQ) - Onsite Function: Product Security Experience: 7–12 years (incl. about the role We're looking for an Product Security Lead to embed security into our software development lifecycle and own end-to-end vulnerability assessment and penetration testing remediation across our lending product suite....