Meesho - Software Security Engineer

About the Team :

The security team at Meesho is like the Avengers to Meesho's S.H.I.E.L.D. After all, when 5% of Indian households shop with us, its important to build resilient systems to manage millions of orders every day. Weve done this with zero downtime! Sounds impossible? Well, thats the kind of Engineering muscle that has helped Meesho become the e-commerce giant it is today. We value speed over perfection, and see failures as opportunities to become better. Weve taken steps to inculcate a strong Founders Mindset across our engineering teams, making us grow and move fast. We place special emphasis on the continuous growth of each team member - and we do this with regular 1-1s and open communication.

As a Security Engineer, you will be part of self-starters who thrive on teamwork and constructive feedback. We know how to party as hard as we work! If we arent building unparalleled tech solutions, you can find us debating the plot points of our favorite books and games or even gossipping over chai. So, if a day filled with building impactful solutions with a fun team sounds appealing to you, join us.

About the Role :

As a Software Security Engineer, youll design, build, and scale internal security automation and tooling that safeguard Meeshos products and infrastructure. You wont just use tools - youll build them. From developing micro-services that detect vulnerabilities in real-time to automating threat modeling and code scanning, youll contribute directly to the codebase that keeps Meesho secure by design.Youll collaborate deeply with platform, SRE, and product engineers to embed security controls into the SDLC, CI / CD pipelines, and runtime environments - ensuring developers get security feedback as code, not as tickets.

What you will do :

1. Security Tooling & Automation : Build internal security tools, pipelines, and integrations for SAST, DAST, SCA, and secrets scanning. Automate repetitive security test cases and workflows using Python, Go, or Node.js. Create APIs and dashboards that expose real-time security telemetry. Integrate with CI / CD (GitHub Actions, Jenkins, ArgoCD) to enforce security gates.

2. Secure Software Development : Write production-grade, maintainable code that enhances security posture across repos. Contribute to open-source or internal frameworks for secure code review, dependency risk detection, and compliance automation. Partner with developers to design security libraries and SDKs that make secure by default easy to adopt.

3. Threat Modeling & Design Reviews : Drive security architecture reviews and model threats for new features. Translate findings into engineering solutions and automation guardrails. Contribute reusable threat modeling templates or scripts that scale across teams.

4. Application Security Testing : Perform and automate web, API, and mobile app security assessments. Develop scripts to correlate findings across scanners, triage false positives, and prioritize remediation. Build one-click validation tools or fuzzers that developers can run locally.

5. Developer Empowerment & Culture : Contribute to internal security documentation, workshops, and awareness programs.

Champion developer-first security automation - faster fixes, fewer blockers. Continuously identify opportunities to eliminate manual effort via code.

What you will need :

Education : B.Tech / M.Tech in Computer Science, Software Engineering, or equivalent technical field.

Experience : 1-2 years of hands-on experience in software development and application security. Prior experience building security tools, writing automation frameworks, or contributing to DevSecOps initiatives.

Technical Skills : Strong coding skills in Python, Java, Go, or Node.js (bonus : React / TypeScript).Solid understanding of web technologies, RESTful APIs, and CI / CD pipelines. Familiarity with security testing tools (e.g., Burp, Nuclei, ZAP, Trivy, Semgrep).

• Knowledge of AWS / GCP security fundamentals, Docker, and Kubernetes. Experience integrating security checks in GitHub Actions or Jenkins.
• Core Competencies : Builder mindset - treats security as an engineering problem. Strong debugging and system-design skills.
• Excellent communication - can explain security trade-offs to developers. Passion for automation, open-source tools, and continuous improvement.

Bonus : Experience with security data pipelines, LLM-assisted code review, or AI-driven vulnerability correlation. Contributions to open-source security projects or in-house tooling frameworks.

About us :

Welcome to Meesho, where every story begins with a spark of inspiration and a dash of entrepreneurial spirit. We're not just a platform; we're your partner in turning dreams into realities.

Curious about life at Meesho? Explore our Glassdoor - our people have a lot to say and they've helped us become a loved workplace in India.

Our Mission :

Democratising internet commerce for everyone Meesho (Meri Shop) started with a single idea in mind : to be an e-commerce destination for Indian consumers and to enable small businesses to succeed online.

We provide our sellers with benefits such as zero commission and affordable shipping solutions in the market. Today, sellers nationwide are growing their businesses by tapping into Meeshos large and diverse customer base, state-of-the-art tech infrastructure, and pan-India logistics network through trusted third-party partners.

Affordable, relatable merchandise that mirrors local markets has helped us connect with internet users and serve customers across urban, semi-urban, and rural India. Our unique business model and continuous innovation have established us as a part of Indias e-commerce ecosystem.

Culture and Total Rewards :

Our focus is on cultivating a dynamic workplace characterized by high impact and performance excellence. We prioritize a people-centric culture, dedicated to hiring and developing exceptional talent.

Total rewards at Meesho comprise a comprehensive set of elements monetary, non-monetary, tangible, and intangible. Our 9 guiding principles, or "Mantras," are the backbone of how we operate, influencing everything from recognition and evaluation to growth discussions. Daily rituals and processes like Problem First Mindset, Listen or Die, our Internal Mobility Program, Talent Reviews, and Continuous Performance Management embody these principles.

We offer competitive compensation both cash and equity-based tailored to job roles, individual experience, and skill, along with employee-centric benefits and a supportive work environment. Our holistic wellness program, MeeCare, includes benefits across physical, mental, financial, and social wellness. This includes extensive medical insurance for employees and their families, wellness initiatives like telehealth, wellness events, and fitness-related perks.

To support work-life balance, we offer generous leave policies, parental support, retirement benefits, and learning and development assistance. Through personalized recognition, gratitude for stretched work, and engaging activities, we promote employee delight at the workplace. Additional benefits such as salary advance support, relocation assistance, and flexible benefit plans further enrich the Meesho experience.

Know more about Meesho here : https : / / www.meesho.io /

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Note : For your candidature to be considered on this job, you need to apply necessarily on the redirected career page of the company as well.

(ref : hirist.tech)