Job Title - Senior Security Engineer (Application & Cloud Security)
Location: Chennai
About Tazapay
Tazapay is a cross-border payment service provider. They offer local collections via local payment methods, virtual accounts and cards in over 70 markets. The merchant does not need to create local entities anywhere, and Tazapay offers the additional compliance framework to take care of local regulations and requirements. This results in decreased transaction costs, FX transparency and higher auth rates.
They are licensed and backed by leading investors. www.tazapay.com
What exciting things are waiting for you?
This is an amazing opportunity for you to join a fantastic crew before the rocket ship launches. It will be a story you carry with you through your life: the unique experience of building something from the ground up and the satisfaction of seeing your product used and paid for by thousands of customers. You will be part of a growth story in securing critical payment infrastructure that spans both application security and cloud security across 70+ markets.
We believe in a culture of openness, innovation & great memories together.
About the Senior Security Engineer Role
As a Senior Security Engineer, you will play a pivotal role in securing our entire technology stack - from application-level security to cloud infrastructure protection. You will lead comprehensive security initiatives across our AWS cloud environments and payment applications built with Node.js and GoLang microservices, while leveraging AWS security services and modern security tools to protect against evolving threats. This role combines deep technical expertise in both application security and cloud security with leadership responsibilities.
Key Responsibilities
Application Security Leadership
- Lead comprehensive security assessments of microservices-based applications built with GoLang, Java, or Scala
- Conduct advanced security reviews of Vue.js and ReactJS frontend applications and their integration with backend services
- Execute expert-level manual and automated web application penetration testing using industry-standard methodologies (OWASP Testing Guide, PTES)
- Design and implement vulnerability scoring and risk assessment frameworks using CVSS, OWASP Risk Rating, and custom business impact metrics
- Utilize govulncheck for Go-specific vulnerability detection and dependency analysis across microservices
- Deploy Semgrep / OpenGrep for advanced static code analysis and custom security policy enforcement
- Integrate Gitleaks for comprehensive secret detection across development workflows
- Lead secure development lifecycle (SDLC) integration and establish security standards for development teams
- Perform complex web application penetration testing including authentication bypass, authorization flaws, injection attacks, and business logic vulnerabilities
AWS Cloud Security Architecture
- Design and implement enterprise-level security architecture for AWS cloud environments
- Configure and optimize AWS Shield (Standard and Advanced) for comprehensive DDoS protection
- Implement and manage AWS CloudFront security configurations including advanced WAF rules, SSL/TLS, and origin protection
- Secure complex AWS services including EC2, ECS, EKS, Lambda, RDS, S3, API Gateway, and multi-region deployments
- Design network security controls using VPC, Security Groups, NACLs, AWS Transit Gateway, and PrivateLink
- Establish and lead secure CI/CD pipeline implementations for Node.js applications and GoLang microservices
- Architect container security solutions for Docker and Kubernetes (EKS) environments
Security Automation & Monitoring
- Implement comprehensive security monitoring using AWS CloudTrail, GuardDuty, and Security Hub
- Deploy and manage Prowler for continuous AWS security assessments and compliance validation
- Utilize ScoutSuite for multi-cloud security posture management and configuration auditing
- Configure Gitleaks for continuous secret monitoring across enterprise development workflows
- Implement Semgrep / OpenGrep rules for real-time security vulnerability detection and policy enforcement
- Lead automation initiatives using Infrastructure as Code (Terraform, CloudFormation, AWS CDK)
- Develop advanced security automation scripts and frameworks using Python, Bash, and AWS SDKs
- Create comprehensive security dashboards and executive reporting mechanisms
Vulnerability Management & Risk Assessment
- Lead enterprise vulnerability management programs with comprehensive scoring using CVSS v3.1, OWASP Risk Rating, and custom business impact assessments
- Develop sophisticated risk scoring matrices incorporating technical severity, business impact, exploitability, and regulatory requirements
- Create detailed penetration testing reports with executive summaries, technical findings, and strategic remediation roadmaps
- Establish vulnerability SLA metrics and track remediation timelines based on risk scores and business priorities
- Conduct root cause analysis (RCA) on complex security incidents and implement preventive measures
- Lead threat modeling sessions and strategic risk assessments for new features and infrastructure changes
- Mentor junior security engineers and provide technical guidance on vulnerability remediation
Compliance & Regulatory Security
- Ensure comprehensive compliance with financial industry regulations (PCI DSS, SOX, GDPR, PSD2)
- Lead compliance audits and regulatory assessments using Prowler for AWS compliance validation
- Implement ScoutSuite for comprehensive multi-cloud security auditing
- Design and maintain data protection controls for sensitive payment processing workloads
- Develop and maintain disaster recovery and business continuity security plans
- Lead security aspects of vendor risk assessments and third-party integrations
- Represent security requirements to business leadership and regulatory bodies
Technical Leadership & Strategy
- Serve as technical security leader for complex cross-functional projects
- Influence security strategies, standards, and architectural decisions across the organization
- Lead security initiatives and mentor junior engineers on advanced security practices
- Participate in strategic security planning and technology evaluation
- Drive security culture transformation and champion security best practices
- Represent security needs to executive leadership and board-level communications
Required Qualifications
Experience
- 8+ years of experience in information security with demonstrated expertise in both application security and cloud security
- Extensive experience securing microservices architectures, particularly those built with GoLang, Java, or Scala
- Advanced experience with AWS cloud security including Shield, CloudFront, and comprehensive security service management
- Expert-level web application penetration testing experience including complex business logic vulnerabilities and multi-tier architectures
- Proven leadership in vulnerability scoring and risk assessment using industry-standard frameworks
- Hands-on expertise with security automation tools: govulncheck, Gitleaks, Semgrep / OpenGrep, Prowler, ScoutSuite
- Strong experience securing Node.js applications and modern JavaScript frameworks (Vue.js, ReactJS)
- Experience leading security teams and influencing organizational security strategy
Technical Skills
- Expert-level proficiency in AWS security services including Shield, CloudFront, GuardDuty, Security Hub, WAF, and comprehensive service portfolio
- Advanced application security expertise across GoLang, Java, Scala, Node.js, Vue.js, and ReactJS technologies
- Mastery of security automation tools: govulncheck (Go vulnerability scanning), Gitleaks (secret detection), Semgrep / OpenGrep (static analysis), Prowler (AWS security assessment), ScoutSuite (multi-cloud auditing)
- Expert-level web application penetration testing skills using advanced tools and custom exploitation frameworks
- Comprehensive knowledge of vulnerability scoring frameworks including CVSS v3.1, OWASP Risk Rating, and FAIR methodology
- Advanced Infrastructure as Code proficiency (Terraform, CloudFormation, AWS CDK)
- Expert container and orchestration security (Docker, Kubernetes / EKS, service mesh security)
- Advanced scripting and automation capabilities (Python, Bash, PowerShell, Go)
- Enterprise network security and cloud networking expertise
Security Expertise
- Deep understanding of application security principles and advanced penetration testing methodologies
- Expert knowledge of cloud security frameworks (NIST, CSA, AWS Well-Architected Security Pillar)
- Advanced understanding of financial services security and payment processing compliance requirements
- Expertise in security architecture design for complex distributed systems
- Advanced threat modeling and risk assessment capabilities
- Comprehensive knowledge of cryptography, PKI, and secure communication protocols
- Expert-level incident response and forensic analysis skills
- Advanced understanding of regulatory compliance frameworks and audit requirements
Nice to Have
Certifications
- AWS Security Specialty certification (required)
- Advanced penetration testing certifications (OSCP, GWEB, eWPT, eWPTX)
- Security leadership certifications (CISSP, CISM, CISSP)
- Cloud architecture certifications (AWS Solutions Architect Professional, DevOps Engineer Professional)
- Additional cloud security certifications (Azure Security, GCP Security)
Additional Skills
- Experience with multi-cloud security architectures and hybrid environments
- Advanced knowledge of serverless security (AWS Lambda, API Gateway, serverless frameworks)
- Expertise in security orchestration and automated response (SOAR) platforms
- Experience with machine learning / AI security applications and threat detection
- Advanced understanding of payment processing security and financial services infrastructure
- Experience with regulatory examination processes and security audit leadership
- Knowledge of emerging security technologies and threat landscape evolution
- Experience with security product evaluation and vendor management
- Advanced presentation and executive communication skills
Key Abilities and Traits
Technical Excellence: Demonstrated ability to architect and implement comprehensive security solutions across complex application and cloud environments processing sensitive financial data.
Leadership: Proven capability to lead security initiatives across multiple teams, influence strategic decisions, and mentor engineering talent while representing security needs to executive leadership.
Strategic Thinking: Ability to balance immediate security needs with long-term strategic objectives, translating business requirements into technical security solutions.
Problem-Solving: Expert-level analytical and problem-solving skills with the ability to address complex security challenges spanning application code to cloud infrastructure.
Communication: Exceptional verbal and written communication skills, capable of explaining complex security concepts to technical teams, business stakeholders, and executive leadership.
Continuous Innovation: Commitment to staying current with emerging security threats, technologies, and industry best practices while driving security innovation within the organization.
Project Management: Advanced ability to manage multiple complex security initiatives simultaneously while ensuring compliance with regulatory requirements and business objectives.
Mentorship: Strong commitment to developing junior security talent and fostering a security-conscious culture across engineering teams.
Join our team and let's groove together to the rhythm of innovation and opportunity!
Your Buddy,
Tazapay