Product Security Engineer

Company Overview (Ignosis):

Ignosis is a well-capitalized FinTech company with a bold vision for transforming the BFSI landscape in India. Backed by leading investors, we’re building the future of financial data intelligence — enabling hyper-personalization, intelligent automation, and democratized access to credit. Our mission is to empower financial institutions with next-gen technology and actionable insights. At Ignosis, we don’t just adapt to change — we drive it. Join our fast-growing team and help us push the boundaries of what’s possible in finance.Welcome to Ignosis, where we're not just embracing the future; we're crafting it with a spirit that's as bold as it is brilliant. Join us, and let's redefine what's possible together.

About the Role

Product

This is a high-impact role for someone who thrives in startup environments, takes initiative, and can operate independently while driving company-wide security strategy and execution.

Key Responsibilities

Security Strategy & Architecture

• Define and implement the end-to-end product and infrastructure security roadmap.
• Lead threat modeling, secure design reviews, and drive adoption of security best practices across engineering.
• Evaluate and harden architecture for secure scalability in our cloud-native environment.

Offensive Security Testing

• Lead web and API penetration testing, combining automated tools and manual techniques.
• Own internal VAPT cycles—scheduling, tooling, execution, and remediation guidance.
• Champion a shift-left mindset through secure code review and training initiatives.

Source Code & Secure Development

• Build a robust static and dynamic analysis framework (e.g., Semgrep, SAST).
• Guide developers in writing secure code, review high-risk PRs, and maintain security linting pipelines.

Cloud & Infrastructure Security

• Lead AWS security architecture reviews and hardening.
• Partner with DevOps/SREs to secure CI/CD, secrets management, logging, and monitoring.
• Own identity and access management (IAM), least privilege design, and auditability.

Security Engineering & Automation

• Design and build security automation pipelines and tooling to scale your impact.
• Maintain a library of security utilities for internal developer use.
• Integrate open-source or custom tools into the SDLC (e.g., threat detection, fuzzing, SBOMs).

Governance, Risk & Compliance (GRC)

• Lead efforts for SOC 2 / ISO 27001 readiness and cross-functional GRC coordination.
• Define policies, standards, and security KPIs.
• Support customer security questionnaires and external audit requirements.

Incident Response & Resilience

• Establish a repeatable incident response playbook and ensure team preparedness.
• Lead root cause analysis and postmortem reviews of any security events.

Requirements

• 5+ years of experience in application security, cloud security, or security engineering roles.
• Demonstrated expertise in web application security, API security, AWS security, and secure software development.
• Hands-on experience with manual and automated pentesting, VAPT, threat modeling, and code audits.
• Strong background in scripting or software development 
• Familiarity with security frameworks and tools (e.g., Burp Suite, Semgrep, KICS, Trivy, OSQuery).
• Working knowledge of DevSecOps, CI/CD pipelines, and security tooling integration.
• Experience with GRC initiatives, compliance frameworks, and customer security reviews.
• Excellent communication, leadership, and cross-functional collaboration skills.
• Willingness to work onsite and closely with engineers, product managers, and leadership.

What’s in it for you?

•  Contribute directly to the next wave of growth for the FinTech industry in India  by working closely on Digital Public Infrastructure like AA and OCEN-ONDC network (also touted as one of the next UPI moments of India)
•  High exposure to the founders to understand how he thinks & solve  the pressing issues of the clients with him.
•  Get to work with the largest banks, NBFCs and FinTech players in India and solve their pressing problems.
•  Last but not the least, an industry competitive compensation package.

To conclude, this position is tailor-made for individuals who thrive in dynamic, fast-paced environments and are passionate about creating influential fintech Products.

At Ignosis, a funded company with strong investor backing, you'll have the opportunity to make a significant impact. Be part of our transformative journey. To apply, send your resume to careers@ignosis.ai