Security Engineer II

At SAFE Security, our mission is bold and ambitious: We Will Build CyberAGI — a super-specialized system of intelligence that autonomously predicts, detects, and remediates threats. This isn't just a vision—it's the future we're building every day, with the best minds in AI, cybersecurity, and risk. At SAFE, we empower individuals and teams with the freedom and responsibility to align their goals, ensuring we all move towards this goal together.

We operate with radical transparency, autonomy, and accountability—there's no room for brilliant jerks. We embrace a culture-first approach, offering an unlimited vacation policy, a high-trust work environment, and a commitment to continuous learning. For us, Culture is Our Strategy—check out our Culture Memo to dive deeper into what makes SAFE unique.

We're looking for a Security Engineer II to join our SecOps team and play a critical role in strengthening the security posture of our products and production environment. In this role, you'll partner closely with engineering, operations, and program management teams to design, assess, and continuously improve secure systems at scale.

• Primary role is to work with the SecOps team, focusing on product and production environment security
• Conduct SAST, SCA, and Secrets Scanning of the source using an automated tool, and then perform manual analysis of the findings
• Conduct fortnightly, as a part of sprint ceremonies, a  manual security assessment of the new product features for web/mobile applications and APIs 
• Monitor and fine-tune the DAST scan engine and review findings reported by the tool
• Automate IaC code scanning and prioritize patching of those findings with the engineering team and operations team
• Monitor, validate, and prioritize vulnerabilities in the production environment pertaining to Container and Serverless functions
• Conduct an application log review to prevent sensitive information disclosure
• Monitor  the Cloud Native Application Protection Platform for new misconfiguration security issues
• Proactively collaborate with the engineering and the program management team for patch prioritization
• Build and maintain automation of various security pipelines related to SAST, DAST, Vulnerability SLA, Manual Assessment Dashboard, and other SecOps activities
• Coordinate with the scrum teams to identify the per-sprint manual security assessment scope and schedule a walkthrough of the feature and its implementation
• Maintain and enhance developer security pattern guidelines
• Create and present a weekly dashboard for DevSecOps activities and the changes in the security posture of the environment
• Coordinate with the third-party security vendor for the product VAPT exercise

• M.Tech or B.Tech / B.E. / BCA in Computer Science or Information Technology
• Must have hands-on experience in conducting Application and Cloud Security as well as utilizing tools such as Burp Suite Professional, SAST, and CNAPP tools
• Extensive knowledge of validating and identifying the actual impact of security issues that result from the various security assessment activities
• Working knowledge of code repository solutions
• Working knowledge of scripting language (Python, Shell Script, JS, etc.) for automation of certain repetitive tasks and internal SecOps initiatives
• Able to manage and guide a team
• Experience with Agile Scrum Methodology
• Effective documentation, communication, and interpersonal skills
• Any of the following certifications would be preferred: 

If you're passionate about cyber risk, thrive in a fast-paced environment, and want to be part of a team that's redefining security—we want to hear from you