Cybersecurity Architect

Our organization is pioneering the use of AI to transform banking, utilizing Generative AI to deliver highly personalized interactions with customers across various channels and platforms.

Our goal is to make banking effortless, intelligent, and profitable by enhancing user experience while driving revenue growth and operational efficiency for financial institutions.

We have a proprietary AI built entirely in-house, designed for zero-shot learning, achieving 90%+ accuracy from Day 1. Our team comprises experts from Microsoft, ISB, and IIMs, and we've experienced an impressive 1800% growth in the last year.

As a Lead Security Engineer, you will be responsible for designing and scaling our Application and Cloud Security programs. You will collaborate closely with engineering, product, and compliance teams to embed security into every stage of our development process.

This role requires close partnership with cross-functional teams to develop secure design patterns, including authentication, input validation, access control, session management, and secure storage.

• Perform comprehensive security assessments across our application stack, including threat modeling, code reviews, dynamic scanning, and penetration testing.
• Develop and maintain secure Software Development Lifecycle (SDLC) practices, integrating security checks into Continuous Integration/Continuous Deployment (CI/CD) pipelines.
• Guide teams on secure design principles, including best practices for secure authentication, input validation, access control, session management, and secure storage.
• Continuously monitor and remediate vulnerabilities in source code and dependencies using Static Code Analysis (SCA), Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST).
• Collaborate with engineering teams to define and enforce coding standards aligned with OWASP and CWE guidelines.

• Design and maintain secure configurations for AWS environments, including networking, identity management (IAM), encryption, and logging.
• Implement and manage security services such as GuardDuty, Inspector, Security Hub, and other cloud-native tools.
• Define and enforce infrastructure-as-code (IaC) security controls using tools like Terraform, CloudFormation, or policy-as-code frameworks (e.g., OPA, Sentinel).
• Lead efforts in runtime protection, including workload scanning, intrusion detection, and anomaly alerting.
• Ensure centralized, secure log collection, monitoring, and alerting across all infrastructure components.

• Champion a shift-left approach to security—collaborating with developers early in the SDLC and providing actionable feedback during design, build, and review phases.
• Collaborate with product managers and infrastructure leads to ensure security is embedded into architectural decisions, particularly for high-risk features or regulated workflows.
• Define and promote secure defaults, least-privilege access, and zero-trust architectural principles.
• Ensure strong key management and encryption standards are applied across data at rest, in transit, and in use.

• Support compliance initiatives by building and documenting enforceable security controls.
• Work with auditors and risk teams to demonstrate maturity of security processes and ongoing improvements.
• Establish internal security policies, operational procedures, and regular audit activities.

• Drive the adoption of security-by-design across engineering functions.
• Embed continuous security testing into our CI/CD pipelines.
• Maintain a developer-centric approach to security—minimizing friction while enforcing strong protections.
• Build scalable policies and automation for secrets management, code signing, and environment hardening.
• Keep pace with evolving security threats, technologies, and tools, proactively updating controls and detection mechanisms.
• Represent security posture to executive and customer stakeholders with clarity and confidence.

The ideal candidate will bring 6+ years of experience in security engineering with a primary focus on application and cloud security. Proficiency in programming languages like Java, Python, JavaScript, and web technologies is required.

Our organization offers a remote-first culture, comprehensive benefits, and the opportunity to be at the forefront of AI innovation. If you're ready to lead with impact, apply now.