Senior Security Engineer
20 hours ago
Job Description Title: Senior Product Security Security Engineer The Role: Razorpay is looking for a Senior Application Security Engineer with solid experience in AppSec fundamentalssecure code review, vulnerability discovery, API security, and practical pentesting skills. The ideal candidate should also be able to perform basic threat modeling for new features and understand the emerging risks from AI-driven attack patterns. Roles/Responsibilities: - Perform application-level pentests across web, mobile, and backend services. - Identify, validate, and help remediate vulnerabilities including OWASP Top 10, API Top 10, and logic flaws. - Conduct security assessments for identity flows, API endpoints, microservices, and internal tools. - Review code (manual + assisted) to detect common AppSec issues. Application Security & Pentesting - Perform application-level pentests across web, mobile, and backend services. - Identify, validate, and help remediate vulnerabilities including OWASP Top 10, API Top 10, and logic flaws. - Conduct security assessments for identity flows, API endpoints, microservices, and internal tools. - Review code (manual + assisted) to detect common AppSec issues. Threat Modeling (Basic) - Perform threat modeling for new features: - Identify data-flow risks - Spot common misconfigurations - Highlight authentication/authorization concerns - Document potential abuse cases and propose simple, actionable mitigations. AI / LLM Security (Introductory) - Understand the basics of AI-driven attack vectors: prompt manipulation, data leakage, misuse of LLM-based features. - Flag potential AppSec risks in AI-assisted workflows or model integrations. - Support teams in implementing simple guardrails around AI/LLM usage. Secure SDLC & Developer Productivity - Integrate AppSec checks into CI/CD pipelinesSAST, SCA, secrets scanning, basic DAST. - Support engineering teams with secure coding guidance and easy-to-consume AppSec patterns. - Help create developer-friendly standards, checklists, and best practices. Tooling & Automation - Write small scripts or utilities (Python/JS/Go) for repetitive security checks. - Contribute to improving internal AppSec automation and dashboards. Requirements: - A Bachelor's degree in Computer Science, Cybersecurity, or a related field. - A minimum of 5-8 years of experience in application security. - Hands-on experience with offensive security practices and product security vulnerability management. - Practical pentesting experience with tools like Burp Suite, ZAP, Postman, and custom scripts. - Basic working knowledge of threat modeling techniques (STRIDE-lite, DFD-based reasoning, or simple checklist-based models). - Familiarity with AI/LLM security basics (prompt injection, data leakage paths, output validation). - Programming/scripting experience (Python/JS/Go preferred). - Experience with AppSec tools in CI/CD. Location: Bangalore
-
Senior Security Engineer
2 weeks ago
India Symosis Security Full timeLocation : Remote (India) Type : Full-Time Symosis Security About Symosis Security Symosis Security is a fast-growing cybersecurity and technology firm helping global organizations strengthen their cloud, application, and AI security posture. We combine deep technical expertise with practical execution—supporting clients across threat modeling,...
-
Senior Security Engineer – Cloud, AI
2 weeks ago
India Symosis Security Full timeLocation: Remote (India)Type: Full-TimeCompany: Symosis SecurityAbout Symosis SecuritySymosis Security is a fast-growing cybersecurity and technology firm helping global organizations strengthen their cloud, application, and AI security posture. We combine deep technical expertise with practical execution—supporting clients across threat modeling,...
-
Senior Security Engineer – Cloud, AI
2 weeks ago
India Symosis Security Full timeLocation : Remote (India) Type : Full-Time Company : Symosis Security About Symosis Security Symosis Security is a fast-growing cybersecurity and technology firm helping global organizations strengthen their cloud, application, and AI security posture. We combine deep technical expertise with practical execution—supporting clients across threat modeling,...
-
Senior Security Engineer
2 weeks ago
India Symosis Security Full timeLocation : Remote (India) Type : Full-Time Company : Symosis Security About Symosis Security Symosis Security is a fast-growing cybersecurity and technology firm helping global organizations strengthen their cloud, application, and AI security posture. We combine deep technical expertise with practical execution—supporting clients across threat modeling,...
-
India Symosis Security Full timeLocation: Remote (India) Type: Full-Time Company: Symosis Security About Symosis Security Symosis Security is a fast-growing cybersecurity and technology firm helping global organizations strengthen their cloud, application, and AI security posture. We combine deep technical expertise with practical execution—supporting clients across threat modeling,...
-
Senior Security Engineer – AI, Cloud
2 weeks ago
India Symosis Security Full timeLocation: Remote (India)Type: Full-TimeCompany: Symosis SecurityAbout Symosis SecuritySymosis is a cybersecurity consulting firm purpose-built for the AI-native, cloud-first era. We help public-sector and enterprise clients mature their security operations through managed services, offensive testing, governance, and automation. We’re expanding our MSSP...
-
Senior Security Engineer – AI, Cloud
2 weeks ago
India Symosis Security Full timeLocation : Remote (India) Type : Full-Time Company : Symosis Security About Symosis Security Symosis is a cybersecurity consulting firm purpose-built for the AI-native, cloud-first era. We help public-sector and enterprise clients mature their security operations through managed services, offensive testing, governance, and automation. We’re expanding our...
-
Senior Security Engineer – AI, Cloud
2 weeks ago
India Symosis Security Full timeLocation: Remote (India) Type: Full-Time Company: Symosis Security About Symosis Security Symosis is a cybersecurity consulting firm purpose-built for the AI-native, cloud-first era. We help public-sector and enterprise clients mature their security operations through managed services, offensive testing, governance, and automation. We're expanding our MSSP...
-
Senior Security Automation Engineer
5 days ago
India Symosis Security Full timeAbout Symosis SecuritySymosis is a fast-growing US cybersecurity and engineering firm building real, high-impact security automation for some of the largest tech companies in the world.We move fast, solve hard problems, and ship clean, production-grade engineering — not slides, not theory. If you want to work on serious API engineering, data pipelines,...
-
Senior Security Automation Engineer
5 days ago
India Symosis Security Full timeAbout Symosis Security Symosis is a fast-growing US cybersecurity and engineering firm building real, high-impact security automation for some of the largest tech companies in the world. We move fast, solve hard problems, and ship clean, production-grade engineering — not slides, not theory. If you want to work on serious API engineering, data pipelines,...
