Product Security Lead

4 days ago


Chennai, Tamil Nadu, India Hotfoot Full time ₹ 20,00,000 - ₹ 25,00,000 per year

Product Security Lead (Secure SDLC & VAPT)

About the job

Location: Chennai (HQ) - Onsite

Function: Product Security

Experience: 7+ years (incl. 2+ years in a lead/ownership role)

About the role

We're looking for a Product Security Lead to embed security into our SDLC and own end-to-end VAPT remediation across our lending product suite (LOS/LMS, rules engine, analytics). You'll partner with engineering and platform teams to design, build, and operate secure-by-default products used by leading financial institutions.

What you'll do

  • Own the Secure SDLC for microservices (Java/Spring Boot), Node/TypeScript backends, Angular UIs, and Android/Flutter apps—policy, standards, and release gates.
  • Build and run CI/CD security controls: SAST, SCA/SBOM, secrets & IaC checks, container/image scanning; automate DAST/IAST in pipelines; enforce block-on-fail where needed.
  • Drive VAPT end-to-end: scope with internal/third-party testers, triage findings, set SLAs, track remediation to closure; verify fixes and prevent regressions.
  • Threat model & review designs/code for authN/Z, crypto, session management, API security, data protection/PII, and high-risk modules (payments, onboarding, documents).
  • Cloud & platform security (AWS): baselines for EC2/ALB, RDS/KMS, S3 policies, network segmentation, mTLS/JWT service auth, Vault-backed secrets, and key rotation.
  • Observability & governance: wire security logs to SIEM, define AppSec KPIs (MTTR, SLA adherence, gate coverage), and report risk posture to engineering leadership.
  • Upskill teams: run secure coding workshops, build a "security champions" program, create playbooks/runbooks for common vulns and abuse cases.

What you'll bring

  • 7–12 years in Application/Product Security, including leading Secure SDLC and VAPT remediation in a product engineering environment.
  • Hands-on with SAST/SCA/DAST/IAST, code reviews, and threat modeling (e.g., STRIDE); ability to read code in Java/Spring, Node/TypeScript, and Angular.
  • Prior experience integrating security checks and gating criteria with CI platforms like SonarQube.
  • Strong grasp of OWASP Top 10, API Security Top 10, ASVS, CWE, secrets management, and CI/CD hardening.
  • AWS security experience: IAM, KMS, RDS encryption, SG/WAF, CloudTrail/GuardDuty; familiarity with Docker/Kubernetes and IaC (Terraform/CloudFormation).
  • Experience running vendor/3rd-party VAPT cycles and landing fixes to SLA with engineering teams.
  • Awareness of compliance contexts (ISO 27001/SOC 2, RBI guidance, DPDP Act) and secure handling of PII/financial data.
  • Nice to have: mobile app security (OWASP MASVS), OAuth2/OIDC, mTLS, WebAuthn/modern auth patterns; Kafka, Redis, NGINX, Consul, Vault.
  • Certifications (optional, a plus): OSWE/OSCP, GWAPT/GWEB, CSSLP.

What success looks like (first 6 months)

  • 95% of Critical/High findings closed within SLA across services.
  • All repos behind security gates with SBOMs published; zero hard-coded secrets; baseline threat models for top services.
  • Repeatable VAPT remediation verification loop with dashboards visible to leadership.

Why join us

  • Build security for mission-critical fintech products at scale.
  • High ownership, direct impact, and the chance to set the bar for product security across our stack.
  • Collaborative culture with strong engineering, rapid delivery, and growth opportunities.

