Product Security Lead
7 days ago
Location:
Chennai (HQ) - Onsite
Function:
Product Security
Experience:
7–12 years (incl. 2+ years in a lead/ownership role)
About the role
We're looking for an Product Security Lead to embed security into our SDLC and own end-to-end VAPT remediation across our lending product suite (LOS/LMS, rules engine, analytics). You'll partner with engineering and platform teams to design, build, and operate secure-by-default products used by leading financial institutions.
What you'll do
- Own the Secure SDLC
for microservices (Java/Spring Boot), Node/TypeScript backends, Angular UIs, and Android/Flutter apps—policy, standards, and release gates. - Build and run CI/CD security controls:
SAST, SCA/SBOM, secrets & IaC checks, container/image scanning; automate DAST/IAST in pipelines; enforce block-on-fail where needed. - Drive VAPT end-to-end:
scope with internal/third-party testers, triage findings, set SLAs, track remediation to closure; verify fixes and prevent regressions. - Threat model & review designs/code
for authN/Z, crypto, session management, API security, data protection/PII, and high-risk modules (payments, onboarding, documents). - Cloud & platform security (AWS):
baselines for EC2/ALB, RDS/KMS, S3 policies, network segmentation, mTLS/JWT service auth, Vault-backed secrets, and key rotation. - Observability & governance:
wire security logs to SIEM, define AppSec KPIs (MTTR, SLA adherence, gate coverage), and report risk posture to engineering leadership. - Upskill teams:
run secure coding workshops, build a "security champions" program, create playbooks/runbooks for common vulns and abuse cases.
What you'll bring
- 7–12 years in
Application/Product Security
, including leading Secure SDLC and VAPT remediation in a product engineering environment. - Hands-on with
SAST/SCA/DAST/IAST
, code reviews, and threat modeling (e.g., STRIDE); ability to read code in
Java/Spring
,
Node/TypeScript
, and
Angular
. - Prior experience in integrating security checks and gating critera with CI platform like SonarQube
- Strong grasp of
OWASP Top 10, API Security Top 10, ASVS, CWE
, secrets management, and CI/CD hardening. - AWS security
experience: IAM, KMS, RDS encryption, SG/WAF, CloudTrail/GuardDuty; familiarity with Docker/Kubernetes and
IaC
(Terraform/CloudFormation). - Experience running vendor/3rd-party
VAPT
cycles and landing fixes to SLA with engineering teams. - Awareness of compliance contexts (ISO 27001/SOC 2, RBI guidance,
DPDP Act
) and secure handling of PII/financial data. - Nice to have: mobile app security (OWASP MASVS), OAuth2/OIDC, mTLS, WebAuthn/modern auth patterns; Kafka, Redis, NGINX, Consul, Vault.
- Certifications (optional, a plus):
OSWE/OSCP
,
GWAPT/GWEB
,
CSSLP
.
What success looks like (first 6 months)
- ≥
95%
of Critical/High findings closed
within SLA
across services. - All repos behind
security gates
with SBOMs published;
zero hard-coded secrets
; baseline threat models for top services. - Repeatable VAPT → remediation → verification loop with dashboards visible to leadership.
Why join us
- Build security for
mission-critical fintech products
at scale. - High ownership, direct impact, and the chance to set the bar for product security across our stack.
- Collaborative culture with strong engineering, rapid delivery, and growth opportunities.
-
Site Security Lead
5 days ago
Chennai, Tamil Nadu, India Jaguar Security Services Full timeSecurity StrategyProvide security guidance and ensure coverage for business operations, personnel, property, and assets.Enhance the efficiency and operational capabilities of the site security team.Build and maintain a dynamic security team to handle defined tasks effectively.Align site-level security operations with global processes and standards.Security...
-
Lead Product Security Engineer
5 days ago
Chennai, Tamil Nadu, India ASAPP Full time ₹ 12,00,000 - ₹ 36,00,000 per yearAt ASAPP, our mission is simple: deliver the best AI-powered customer experience—faster than anyone else. To achieve that, we're guided by principles that shape how we think, build, and execute. We value customer obsession, purposeful speed, ownership, and a relentless focus on outcomes. We work in tight, skilled teams, prioritize clarity over complexity,...
-
Security Shift Supervisor
7 days ago
Chennai, Tamil Nadu, India Jaguar Security Services Full time ₹ 1,20,000 - ₹ 3,00,000 per yearSecurity Shift Supervisor will be responsible for managing end-to-end security operations of the shift and will be responsible for the safety & security of employees and assets at the site.Security Shift Supervisor will report to Security Site Lead and Corporate Security Agent/ Corporate Security Agent Manager.Experience Required:Minimum graduate with 5+...
-
Security Guard Lead
3 hours ago
Chennai, Tamil Nadu, India NSK Security Full time ₹ 4,00,000 - ₹ 12,00,000 per yearResponsibilities:Patrol premises regularlyRespond to alarms promptlyMaintain fire safety protocolsMonitor CCTV systemsReport incidents accuratelyEmployee state insuranceProvident fund
-
Sr Product Security Analyst
7 days ago
Chennai, Tamil Nadu, India GE VERNOVA Full time ₹ 1,04,000 - ₹ 1,30,878 per year**Job Description Summary****As a key member of a global and matrixed design team, Sr Product Security Analyst is responsible for-Cyber security analysis of controllers, Control systems.-Lead the software and hardware penetration testing activates-Work in Collaboration with development teams to improve SDLC process, OSS/SAST/DAST scans.-Streamline SBOM...
-
Cyber Security Lead
2 weeks ago
Chennai, Tamil Nadu, India Capgemini Full time ₹ 12,00,000 - ₹ 36,00,000 per yearAbout The Role Are you a cybersecurity expert with a strong background in theBanking, Financial Services, and Insurance (BFSI)domain? Join our team to help secure mission-critical systems and protect sensitive data in a fast-paced, high-stakes environment.Domain Certifications ISO 27001,CISA, CRISC, ,CISMBackground a senior professional with hands on...
-
Product Security Engineer II
2 weeks ago
Chennai, Tamil Nadu, India Appian Corporation Full time ₹ 5,00,000 - ₹ 15,00,000 per yearHere at Appian, our values of Intensity and Excellence define who we are. We set high standards and live up to them, ensuring that everything we do is done with care and quality. We approach every challenge with ambition and commitment, holding ourselves and each other accountable to achieve the best results. When you join Appian, you'll be part of a...
-
Product Security Engineer II
2 weeks ago
Chennai, Tamil Nadu, India Appian Full time ₹ 6,00,000 - ₹ 18,00,000 per yearHere at Appian, our values ofIntensityandExcellencedefine who we are. We set high standards and live up to them, ensuring that everything we do is done with care and quality. We approach every challenge with ambition and commitment, holding ourselves and each other accountable to achieve the best results. When you join Appian, you'll be part of a passionate...
-
Lead Cyber Security Test Engineer
2 weeks ago
Chennai, Tamil Nadu, India Grundfos Full time ₹ 20,00,000 - ₹ 25,00,000 per yearAre you ready to shape the future of industrial innovation? Join us in developing the worlds most advanced pump technologies while collaborating with top-tier professionals in software for industrial products and cybersecurity. Were currently hiring a Lead Cyber Security Test Engineer in our Chennai location; your expertise could drive our next...
-
HACLA - Security Lead - G3
2 weeks ago
Chennai, Tamil Nadu, India Bahwan Cybertek Group Full time ₹ 1,20,000 - ₹ 1,80,000 per yearResponsible for leading the security team and managing the overall security operations for HACLA (Housing Authority of the City of Los Angeles) Develop and implement security policies, standards, and procedures to ensure the protection and confidentiality of HACLA's information assets. Lead incident response activities, including investigation, containment,...
