Staff Engineer – Product Security

Job Title: Staff Engineer – Product Security Location: Bangalore, India Who We Are: For enterprises struggling to secure cloud workloads, Aviatrix® offers a single solution for pervasive cloud security. Where current cybersecurity approaches focus on securing entry points to a trusted space, Aviatrix Cloud Native Security Fabric (CNSF) delivers runtime security and enforcement within the cloud application infrastructure itself – closing gaps between existing solutions and helping organizations regain visibility and control. Aviatrix ensures security, cloud, and networking teams are empowering developer velocity, AI, serverless, and what’s next. For more information, visit www.aviatrix.com.About the role: As a Staff Engineer – Product Security, you will play a critical role in safeguarding our cutting-edge products and driving security innovation in a dynamic, multi-cloud environment. You will collaborate closely with cross-functional teams to embed security into every stage of product development while staying ahead of evolving threats and industry best practices. This role requires deep expertise in cloud security — including cloud configuration reviews, cloud network security, and experience with CSPM/CNAPP tools — as well as the ability to drive security integration into modern DevOps pipelines. Additionally, you will be expected to effectively leverage AI in the security review workflow to increase accuracy, efficiency, and coverage. This is a mid-to-senior level role with significant influence over product security. Position Responsibilities:Own security projects end-to-end – ensuring progress tracking, stakeholder alignment and measurable improvements to customer security posture. Review the design, architecture, and implementation of Aviatrix products to ensure adherence to the highest security standards. Write and present design proposals and tradeoff evaluations. Apply AI effectively in the security review workflow (e.g., automated code analysis, threat detection, anomaly spotting, vulnerability triage) to improve efficiency and precision. Conduct vulnerability scanning using multiple tools, automate result aggregation, triage findings, and provide customers with clear guidance and effective mitigation strategies to address security concerns, particularly related to CVEs and vulnerability management. Utilize CSPM and CNAPP tools to monitor and enforce security best practices across multi-cloud environments. Collaborate with engineering, product management, and DevOps teams to integrate security into all stages of the product development lifecycle. Conduct threat modeling, secure code reviews, and penetration tests to identify vulnerabilities and recommend mitigations. Ensure compliance with security and privacy best practices, including OWASP Top 10, GDPR, and evolving cryptographic standards. Research and stay updated on the latest security trends, tools, and vulnerabilities to proactively protect Aviatrix products. Requirements6+ years of experience in product or application security engineering with a focus on secure design and implementation. Proven ability to independently own and deliver projects with limited direction. Proficiency in one or more programming languages: TypeScript, Python, GoLang, Java, or C/C++. Extensive expertise in cloud security, including experience conducting cloud configuration reviews (AWS, Azure, GCP, Terraform, CloudFormation). Strong understanding of cloud network security principles and best practices in one or more cloud environments (AWS, Azure, GCP). Hands-on experience with CSPM/CNAPP tools for monitoring and compliance. Deep understanding of cryptographic algorithms, protocols, and secure communication practices. Extensive experience in threat modeling, secure code reviews, and penetration testing. Familiarity with security compliance standards, including OWASP Top 10 and cryptographic guidelines. Relevant certifications such as OSCP or OSWE are a plus.