Senior Security Engineer (Application & Cloud Security)

Tazapay Pte Ltd
Full-time
Chennai, India

📍 Job Overview

  • Job Title: Senior Security Engineer (Application & Cloud Security)
  • Company: Tazapay Pte Ltd
  • Location: Chennai, Tamil Nadu, India
  • Job Type: On-site
  • Category: Security
  • Date Posted: June 12, 2025

🚀 Role Summary

  • Key Responsibilities: Secure Tazapay's entire technology stack, from application-level security to cloud infrastructure protection.
  • Key Technologies: AWS, Microservices, Node.js, GoLang, Java, ReactJS, Vue.js, Docker, Kubernetes.
  • Team Context: Collaborate with cross-functional teams, including development, QA, and product management.
  • Company Context: Tazapay is a cross-border payment service provider, offering local collections via local payment methods, virtual accounts, and cards in over 70 markets.

💻 Primary Responsibilities

Application Security Leadership

  • Lead comprehensive security assessments of microservices-based applications.
  • Conduct advanced security reviews of frontend applications and their integration with backend services.
  • Execute expert-level manual and automated web application penetration testing.
  • Design and implement vulnerability scoring and risk assessment frameworks.
  • Utilize govulncheck for Go-specific vulnerability detection and dependency analysis across microservices.
  • Deploy Semgrep/OpenGrep for advanced static code analysis and custom security policy enforcement.
  • Integrate Gitleaks for comprehensive secret detection across development workflows.
  • Lead secure development lifecycle (SDLC) integration and establish security standards for development teams.
  • Perform complex web application penetration testing, including authentication bypass, authorization flaws, injection attacks, and business logic vulnerabilities.

AWS Cloud Security Architecture

  • Design and implement enterprise-level security architecture for AWS cloud environments.
  • Configure and optimize AWS Shield (Standard and Advanced) for comprehensive DDoS protection.
  • Implement and manage AWS CloudFront security configurations, including advanced WAF rules, SSL/TLS, and origin protection.
  • Secure complex AWS services, including EC2, ECS, EKS, Lambda, RDS, S3, API Gateway, and multi-region deployments.
  • Design network security controls using VPC, Security Groups, NACLs, AWS Transit Gateway, and PrivateLink.
  • Establish and lead secure CI/CD pipeline implementations for Node.js applications and GoLang microservices.
  • Architect container security solutions for Docker and Kubernetes (EKS) environments.

Security Automation & Monitoring

  • Implement comprehensive security monitoring using AWS CloudTrail, GuardDuty, and Security Hub.
  • Deploy and manage Prowler for continuous AWS security assessments and compliance validation.
  • Utilize ScoutSuite for multi-cloud security posture management and configuration auditing.
  • Configure Gitleaks for continuous secret monitoring across enterprise development workflows.
  • Implement Semgrep/OpenGrep rules for real-time security vulnerability detection and policy enforcement.
  • Lead automation initiatives using Infrastructure as Code (Terraform, CloudFormation, AWS CDK).
  • Develop advanced security automation scripts and frameworks using Python, Bash, and AWS SDKs.
  • Create comprehensive security dashboards and executive reporting mechanisms.

Vulnerability Management & Risk Assessment

  • Lead enterprise vulnerability management programs with comprehensive scoring using CVSS v3.1, OWASP Risk Rating, and custom business impact assessments.
  • Develop sophisticated risk scoring matrices incorporating technical severity, business impact, exploitability, and regulatory requirements.
  • Create detailed penetration testing reports with executive summaries, technical findings, and strategic remediation roadmaps.
  • Establish vulnerability SLA metrics and track remediation timelines based on risk scores and business priorities.
  • Conduct root cause analysis (RCA) on complex security incidents and implement preventive measures.
  • Lead threat modeling sessions and strategic risk assessments for new features and infrastructure changes.
  • Mentor junior security engineers and provide technical guidance on vulnerability remediation.

Compliance & Regulatory Security

  • Ensure comprehensive compliance with financial industry regulations (PCI DSS, SOX, GDPR, PSD2).
  • Lead compliance audits and regulatory assessments using Prowler for AWS compliance validation.
  • Implement ScoutSuite for comprehensive multi-cloud security auditing.
  • Design and maintain data protection controls for sensitive payment processing workloads.
  • Develop and maintain disaster recovery and business continuity security plans.
  • Lead security aspects of vendor risk assessments and third-party integrations.
  • Represent security requirements to business leadership and regulatory bodies.

Technical Leadership & Strategy

  • Serve as technical security leader for complex cross-functional projects.
  • Influence security strategies, standards, and architectural decisions across the organization.
  • Lead security initiatives and mentor junior engineers on advanced security practices.
  • Participate in strategic security planning and technology evaluation.
  • Drive security culture transformation and champion security best practices.
  • Represent security needs to executive leadership and board-level communications.

🎓 Skills & Qualifications

Education: Bachelor's degree in Computer Science, Information Security, or a related field.

Experience: 8+ years of experience in information security with demonstrated expertise in both application security and cloud security.

Required Skills:

  • Expert-level proficiency in AWS security services, including Shield, CloudFront, GuardDuty, Security Hub, WAF, and the comprehensive service portfolio.
  • Advanced application security expertise across GoLang, Java, Scala, Node.js, Vue.js, and ReactJS technologies.
  • Mastery of security automation tools: govulncheck (Go vulnerability scanning), Gitleaks (secret detection), Semgrep/OpenGrep (static analysis), Prowler (AWS security assessment), ScoutSuite (multi-cloud auditing).
  • Expert-level web application penetration testing skills using advanced tools and custom exploitation frameworks.
  • Comprehensive knowledge of vulnerability scoring frameworks, including CVSS v3.1, OWASP Risk Rating, and FAIR methodology.
  • Advanced Infrastructure as Code proficiency (Terraform, CloudFormation, AWS CDK).
  • Expert container and orchestration security (Docker, Kubernetes/EKS, service mesh security).
  • Advanced scripting and automation capabilities (Python, Bash, PowerShell, Go).
  • Enterprise network security and cloud networking expertise.

Preferred Skills:

  • Experience with multi-cloud security architectures and hybrid environments.
  • Advanced knowledge of serverless security (AWS Lambda, API Gateway, serverless frameworks).
  • Expertise in security orchestration and automated response (SOAR) platforms.
  • Experience with machine learning/AI security applications and threat detection.
  • Advanced understanding of payment processing security and financial services infrastructure.
  • Experience with regulatory examination processes and security audit leadership.
  • Knowledge of emerging security technologies and threat landscape evolution.
  • Experience with security product evaluation and vendor management.
  • Advanced presentation and executive communication skills.

📊 Web Portfolio & Project Requirements

Portfolio Essentials:

  • Demonstrate expertise in application security, cloud security, and penetration testing.
  • Showcase proficiency in AWS security services and microservices architecture.
  • Highlight experience with security automation tools and vulnerability management.
  • Include examples of secure CI/CD pipelines and container security implementations.

Technical Documentation:

  • Provide detailed code comments, explaining security decisions and best practices.
  • Include version control, deployment processes, and server configuration documentation.
  • Demonstrate understanding of testing methodologies, performance metrics, and optimization techniques.

💵 Compensation & Benefits

Salary Range: INR 25,000,000 - 35,000,000 per annum (region-specific, based on experience and skills)

Benefits:

  • Competitive salary and benefits package.
  • Health, dental, and vision insurance.
  • Retirement and pension plans.
  • Employee stock options and equity compensation.
  • Professional development opportunities and training.
  • Flexible work arrangements and remote work options.
  • Generous vacation and time-off policies.
  • Employee referral bonuses and recognition programs.

Working Hours: Full-time, 40 hours per week, with flexible working hours and overtime as needed.

🎯 Team & Company Context

Company Culture

Industry: Financial Services, Fintech.

Company Size: Medium (76-250 employees).

Founded: 2018.

Team Structure:

  • Security team: 10-15 members, including senior security engineers, security engineers, and security analysts.
  • Collaborative cross-functional teams, including development, QA, product management, and marketing.

Development Methodology:

  • Agile development methodologies, including Scrum and Kanban.
  • Continuous Integration/Continuous Deployment (CI/CD) pipelines.
  • Infrastructure as Code (IaC) and version control with Git.
  • Regular code reviews, pair programming, and knowledge sharing sessions.

Company Website: www.tazapay.com.

📝 Enhancement Note: Tazapay's culture emphasizes innovation, collaboration, and a growth mindset. The security team works closely with cross-functional teams to ensure the security of Tazapay's payment infrastructure and user data.

Career & Growth Analysis

Web Technology Career Level: Senior Security Engineer (Application & Cloud Security) - Leads comprehensive security initiatives across application and cloud environments, influences strategic decisions, and mentors junior engineers.

Reporting Structure: Reports directly to the Head of Security, with cross-functional collaboration with development, QA, and product management teams.

Technical Impact: Designs and implements security architecture, manages vulnerability programs, and ensures compliance with financial industry regulations, protecting Tazapay's payment infrastructure and user data.

Growth Opportunities:

  • Technical leadership roles, such as Head of Security or Chief Information Security Officer (CISO).
  • Specialization in emerging security technologies, such as machine learning/AI security, serverless security, or security orchestration.
  • Cross-functional roles, such as Chief Information Officer (CIO) or Chief Technology Officer (CTO), focusing on security and technology strategy.

📝 Enhancement Note: Tazapay offers significant growth opportunities for senior security engineers, with the potential to advance to technical leadership roles or specialize in emerging security technologies.

Work Environment

Office Type: On-site, with flexible remote work options for some roles.

Office Location(s): Chennai, Tamil Nadu, India.

Workspace Context:

  • Modern, collaborative workspaces with ergonomic furniture and multiple monitor setups.
  • Access to cutting-edge security tools and technologies.
  • Regular team-building activities, social events, and company outings.

Work Schedule: Flexible working hours, with core hours between 10:00 AM and 04:00 PM IST. Overtime may be required for project deadlines and maintenance windows.

📝 Enhancement Note: Tazapay's work environment fosters collaboration, innovation, and work-life balance, with flexible working hours and remote work options to accommodate individual needs.

Application & Technical Interview Process

Interview Process:

  1. Phone or video screening to assess communication skills and cultural fit.
  2. Technical phone or video interview to evaluate security expertise and problem-solving skills.
  3. On-site or virtual technical assessment, including hands-on exercises and case studies.
  4. Final interview with senior leadership to discuss career growth and expectations.

Portfolio Review Tips:

  • Highlight expertise in application security, cloud security, and penetration testing.
  • Demonstrate proficiency in AWS security services and microservices architecture.
  • Showcase experience with security automation tools and vulnerability management.
  • Include examples of secure CI/CD pipelines and container security implementations.

Technical Challenge Preparation:

  • Brush up on web application penetration testing techniques and tools.
  • Familiarize yourself with AWS security services and best practices.
  • Prepare for hands-on exercises and case studies, focusing on problem-solving and architecture decision-making.

ATS Keywords: Application Security, Cloud Security, AWS, Microservices, Penetration Testing, Vulnerability Management, Risk Assessment, Security Automation, Compliance, Leadership, Node.js, GoLang, Java, ReactJS, Vue.js, Docker, Kubernetes.

📝 Enhancement Note: Tailor your resume and portfolio to highlight relevant web technology skills and experience, optimizing for ATS keyword integration and natural language processing.

📌 Application Steps

To apply for this Senior Security Engineer (Application & Cloud Security) position at Tazapay:

  1. Submit your application through the Tazapay careers page.
  2. Customize your resume and portfolio to showcase your security expertise and relevant web technology skills.
  3. Prepare for technical interviews by brushing up on penetration testing techniques, AWS security services, and problem-solving strategies.
  4. Research Tazapay's company culture and values to ensure a strong cultural fit and alignment with your career goals.
  5. Follow up with the hiring manager or HR representative to express your interest and ask any questions about the role or interview process.

⚠️ Important Notice: This enhanced job description includes AI-generated insights and web technology industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.

Application Requirements

Candidates should have over 8 years of experience in information security, with expertise in application and cloud security. Proficiency in AWS security services and experience with microservices architectures are essential.