Job
Description
Product Security Engineer Location: Bangalore, India Experience: 3-6 years About Us: The Opportunity: This is more than just a security role; its a chance to build an information security function at Nurix AI, a rapidly scaling AI startup. With our exponential growth and our use of sophisticated AI, LLMs, and multi-cloud infrastructure (AWS, GCP, Azure), we need a seasoned expert to establish and champion a world-class security posture. Our customers are entrusting us with their data in an era of heightened security concerns, and your role will be pivotal in maintaining and strengthening that trust. You will be instrumental in fortifying our defenses at Nurix AI, proactively addressing the unique security challenges of AI and LLMs, and ensuring our innovative solutions are secure by design. What Youll Do (Key Responsibilities): Roles & Responsibilities (What you ll be doing): Execute penetration tests on web apps, APIs, and mobile applications, then deliver detailed vulnerability assessments and clear remediation advice. Perform both manual and automated secure code reviews primarily in Java, Python, and JavaScript. Build Python-based security automation tools to broaden test coverage, cut manual work, and speed up assessments. Partner with engineering teams to resolve security issues quickly within rapid release cycles. Develop and maintain threat models, applying proven techniques to surface and address design-level risks early. Champion a security-first culture by coaching developers on secure coding, common weaknesses, and attack vectors, while clearly presenting findings to all stakeholders. What you bring to the table: 2-5 years of hands-on experience in application security, penetration testing, or a closely related field. Deep expertise with testing tools such as Burp Suite, OWASP ZAP, Semgrep, MobSF, Jadx-GUI , and other mobile security frameworks. Proven ability to embed security across the SDLC , leveraging modern DevSecOps pipelines and tooling. Strong command of secure-coding fundamentals, the OWASP Top 10 , CWE catalog, and common exploit techniques. Solid scripting and automation skills Python preferred. Excellent communication and stakeholder-management capabilities. A passion for continual learning and staying ahead of emerging threats. Bonus Skills: Master s degree in Cybersecurity or a related field. Industry-recognized security certifications such as CISSP, CISM, CCSP, CEH, or CompTIA Security+, or specific cloud security certifications (AWS, GCP, Azure). Experience in a rapidly scaling technology startup. Strong working knowledge of global and Indian data privacy frameworks (e.g., GDPR, HIPAA, DPDP Act ). Experience building a security function from the ground up. Bonus points for credentials like OSCP, OSWE, CRTP , or a noteworthy bug-bounty / CTF track record. What We Offer: Opportunity to work on cutting-edge generative AI projects with leading clients. A dynamic and inclusive work environment that promotes professional growth and development. Competitive salary and benefits package, including opportunities for continuous learning and skill enhancement. If you are passionate about leveraging generative AI to drive business transformation and have the expertise to lead complex projects, we invite you to apply and join our innovative team.
