Security & Privacy Lead

About the Role:

We are an Indian startup focused on building privacy-first, data-protection-driven products. We are hiring a Security & Privacy Lead to ensure that all systems, servers, and user data remain secure. The role is fully hands-on designing protection layers, identifying vulnerabilities, and keeping our infrastructure and intellectual property safe.

Main Responsibilities:

 Protect all company systems, servers, codebases, and user data from external or internal threats.
 Safeguard the founder, key personnel, and the company’s digital assets from targeted attacks or social engineering attempts. Prevent competitors or malicious actors from accessing, copying, or reverse-engineering any proprietary technology. Set up firewalls, intrusion detection, monitoring, and backup systems. Identify, test, and patch vulnerabilities in apps, websites, and networks. Detect and report any data leaks, anomalies, or unauthorized access. Respond rapidly to security incidents or breaches. Manage secure logins, credentials, and access permissions. Ensure compliance with Indian data protection laws (DPDP Act 2023). Train staff and developers on secure coding and privacy best practices.

Requirements:

 3–6 years of experience in IT or cybersecurity.
 Hands-on experience with AWS, Google Cloud, or similar platforms. Deep understanding of securing APIs, web apps, and servers. Familiarity with encryption, access control, and data protection methods. Ability to write or automate checks (Python or Bash preferred). Knowledge of ethical hacking and cybersecurity practices. Knowledge of privacy laws and data-handling best practices.

Preferred / Nice to Have:

 Ethical hacking or penetration-testing experience.
 Startup or small-team background. Knowledge of blockchain, timestamping, or distributed systems.

Tools & Skills:

 Cloud: AWS / GCP / Azure
 Security Tools: Burp Suite, OWASP ZAP, Wireshark, Metasploit, Nmap DevOps / Infra: Docker, Kubernetes, GitHub Actions Automation: Python, Bash, Terraform Monitoring: Wazuh, CloudTrail, Grafana, Datadog.

Qualifications:

 Bachelor’s degree in Computer Science, IT, or equivalent practical experience.
 Security certifications (OSCP, CEH, etc.) are a plus but not required.

Note: All testing or hacking must be performed legally and only on systems owned or approved by the company.

Job Type: Full-time

Pay: ₹100,000.00 - ₹130,000.00 per month

Benefits:

• Health insurance
• Paid time off
• Provident Fund

Work Location: In person