Product Security Lead
6 days ago
Location:
Chennai (HQ) - Onsite
Function:
Product Security
Experience:
7–12 years (incl. 2+ years in a lead/ownership role)
About the role
We're looking for an Product Security Lead to embed security into our SDLC and own end-to-end VAPT remediation across our lending product suite (LOS/LMS, rules engine, analytics). You'll partner with engineering and platform teams to design, build, and operate secure-by-default products used by leading financial institutions.
What you'll do
- Own the Secure SDLC
for microservices (Java/Spring Boot), Node/TypeScript backends, Angular UIs, and Android/Flutter apps—policy, standards, and release gates. - Build and run CI/CD security controls:
SAST, SCA/SBOM, secrets & IaC checks, container/image scanning; automate DAST/IAST in pipelines; enforce block-on-fail where needed. - Drive VAPT end-to-end:
scope with internal/third-party testers, triage findings, set SLAs, track remediation to closure; verify fixes and prevent regressions. - Threat model & review designs/code
for authN/Z, crypto, session management, API security, data protection/PII, and high-risk modules (payments, onboarding, documents). - Cloud & platform security (AWS):
baselines for EC2/ALB, RDS/KMS, S3 policies, network segmentation, mTLS/JWT service auth, Vault-backed secrets, and key rotation. - Observability & governance:
wire security logs to SIEM, define AppSec KPIs (MTTR, SLA adherence, gate coverage), and report risk posture to engineering leadership. - Upskill teams:
run secure coding workshops, build a "security champions" program, create playbooks/runbooks for common vulns and abuse cases.
What you'll bring
- 7–12 years in
Application/Product Security
, including leading Secure SDLC and VAPT remediation in a product engineering environment. - Hands-on with
SAST/SCA/DAST/IAST
, code reviews, and threat modeling (e.g., STRIDE); ability to read code in
Java/Spring
,
Node/TypeScript
, and
Angular
. - Prior experience in integrating security checks and gating critera with CI platform like SonarQube
- Strong grasp of
OWASP Top 10, API Security Top 10, ASVS, CWE
, secrets management, and CI/CD hardening. - AWS security
experience: IAM, KMS, RDS encryption, SG/WAF, CloudTrail/GuardDuty; familiarity with Docker/Kubernetes and
IaC
(Terraform/CloudFormation). - Experience running vendor/3rd-party
VAPT
cycles and landing fixes to SLA with engineering teams. - Awareness of compliance contexts (ISO 27001/SOC 2, RBI guidance,
DPDP Act
) and secure handling of PII/financial data. - Nice to have: mobile app security (OWASP MASVS), OAuth2/OIDC, mTLS, WebAuthn/modern auth patterns; Kafka, Redis, NGINX, Consul, Vault.
- Certifications (optional, a plus):
OSWE/OSCP
,
GWAPT/GWEB
,
CSSLP
.
What success looks like (first 6 months)
- ≥
95%
of Critical/High findings closed
within SLA
across services. - All repos behind
security gates
with SBOMs published;
zero hard-coded secrets
; baseline threat models for top services. - Repeatable VAPT → remediation → verification loop with dashboards visible to leadership.
Why join us
- Build security for
mission-critical fintech products
at scale. - High ownership, direct impact, and the chance to set the bar for product security across our stack.
- Collaborative culture with strong engineering, rapid delivery, and growth opportunities.
-
Product security lead
3 weeks ago
Chennai, Tamil Nadu, India Hotfoot Technology Solutions Full timeLocation: Chennai (HQ) - Onsite Function: Product Security Experience: 7–12 years (incl. 2+ years in a lead/ownership role)About the roleWe're looking for an Product Security Lead to embed security into our SDLC and own end-to-end VAPT remediation across our lending product suite (LOS/LMS, rules engine, analytics). You'll partner with engineering and...
-
Product Security Lead
4 weeks ago
Chennai, Tamil Nadu, India Hotfoot Technology Solutions Full timeLocation: Chennai (HQ) - Onsite Function: Product Security Experience: 7–12 years (incl. 2+ years in a lead/ownership role)About the roleWe're looking for an Product Security Lead to embed security into our SDLC and own end-to-end VAPT remediation across our lending product suite (LOS/LMS, rules engine, analytics). You'll partner with engineering and...
-
Product Security Lead
4 weeks ago
Chennai, Tamil Nadu, India Hotfoot Technology Solutions Full timeLocation: Chennai (HQ) - OnsiteFunction: Product SecurityExperience: 7–9 years (incl. 2+ years in a lead/ownership role)About the roleWe're looking for an Product Security Lead to embed security into our SDLC and own end-to-end VAPT remediation across our lending product suite (LOS/LMS, rules engine, analytics). You'll partner with engineering and platform...
-
Product Security Lead
4 weeks ago
Chennai, Tamil Nadu, India Hotfoot Technology Solutions Full timeLocation: Chennai (HQ) - OnsiteFunction: Product SecurityExperience: 7–9 years (incl. 2+ years in a lead/ownership role)About the roleWe're looking for an Product Security Lead to embed security into our SDLC and own end-to-end VAPT remediation across our lending product suite (LOS/LMS, rules engine, analytics). You'll partner with engineering and platform...
-
Product Security Lead
3 weeks ago
Chennai, Tamil Nadu, India Hotfoot Technology Solutions Full timeLocation: Chennai (HQ) - Onsite Function: Product Security Experience: 7–9 years (incl. 2+ years in a lead/ownership role) About the role We're looking for an Product Security Lead to embed security into our SDLC and own end-to-end VAPT remediation across our lending product suite (LOS/LMS, rules engine, analytics). You'll partner with...
-
Hotfoot - Product Security Lead
4 weeks ago
Chennai, Tamil Nadu, India HOTFOOT TECHNOLOGY SOLUTIONS PRIVATE LIMITED Full timeLocation : Chennai (HQ) Onsite.Function : Product Security.Experience : 7 - 12 years (incl. 2+ years in a lead/ownership role).About the role : Were looking for an Product Security Lead to embed security into our SDLC and own end-to-end VAPT remediation across our lending product suite (LOS/LMS, rules engine, analytics).Youll partner with engineering and...
-
Lead Product Security Engineer
4 days ago
Chennai, Tamil Nadu, India ASAPP Full time ₹ 12,00,000 - ₹ 36,00,000 per yearAt ASAPP, our mission is simple: deliver the best AI-powered customer experience—faster than anyone else. To achieve that, we're guided by principles that shape how we think, build, and execute. We value customer obsession, purposeful speed, ownership, and a relentless focus on outcomes. We work in tight, skilled teams, prioritize clarity over complexity,...
-
Security Shift Supervisor
6 days ago
Chennai, Tamil Nadu, India Jaguar Security Services Full time ₹ 1,20,000 - ₹ 3,00,000 per yearSecurity Shift Supervisor will be responsible for managing end-to-end security operations of the shift and will be responsible for the safety & security of employees and assets at the site.Security Shift Supervisor will report to Security Site Lead and Corporate Security Agent/ Corporate Security Agent Manager.Experience Required:Minimum graduate with 5+...
-
Security Guard Lead
9 hours ago
Chennai, Tamil Nadu, India NSK Security Full time ₹ 4,00,000 - ₹ 12,00,000 per yearResponsibilities:Patrol premises regularlyRespond to alarms promptlyMaintain fire safety protocolsMonitor CCTV systemsReport incidents accuratelyEmployee state insuranceProvident fund
-
Sr Product Security Analyst
6 days ago
Chennai, Tamil Nadu, India GE VERNOVA Full time ₹ 1,04,000 - ₹ 1,30,878 per year**Job Description Summary****As a key member of a global and matrixed design team, Sr Product Security Analyst is responsible for-Cyber security analysis of controllers, Control systems.-Lead the software and hardware penetration testing activates-Work in Collaboration with development teams to improve SDLC process, OSS/SAST/DAST scans.-Streamline SBOM...
