Security Engineer (Bangalore, India)

About AiPrise

AI-powered Global Compliance Platform

Tech description:

We use a Typescript React frontend coupled with Flask backend hosted on AWS. We also provide our customers with embeddable web SDKs that they can integrate within a day.

Job description:

# About AiPrise

AiPrise is a global compliance orchestration platform helping fintechs, marketplaces, and payment companies verify and onboard customers worldwide. We integrate with 80+ identity and compliance vendors to deliver a holistic view of risk. We're now building AI-powered compliance agents to revolutionize KYB, AML, sanctions screening, and risk scoring — enabling our customers to onboard faster, reduce manual reviews, and prevent financial crime.

## Role Overview

Security is a core product requirement at AiPrise.

As a Security Engineer, you'll be responsible for protecting the systems, infrastructure, and customer data that power our platform. You'll work across application security, cloud security, AI security, infrastructure hardening, vulnerability management, and security automation.

This is a hands-on engineering role. You'll partner closely with engineering, platform, and product teams to build security into our development lifecycle without slowing innovation.

You'll have significant ownership and autonomy in defining security standards, identifying risks, and driving remediation across the organisation.

## What You'll Do

### Application Security

* Design and operate our application security program
* Conduct architecture and code security reviews for new features and services
* Manage vulnerability discovery, triage, remediation, and validation
* Drive secure development practices across engineering teams
* Own responsible disclosure and vulnerability reporting processes

### DevSecOps & Security Automation

* Integrate security tooling into CI/CD pipelines
* Implement and maintain SAST, DAST, SCA, secret detection, and dependency monitoring
* Build internal security automation using Python, Go, or similar technologies
* Create guardrails that prevent security issues before they reach production

### Cloud & Infrastructure Security

* Secure our AWS infrastructure and cloud-native environments
* Perform infrastructure reviews and threat assessments
* Manage WAF, CSPM, identity controls, network security, and runtime protection
* Partner with platform teams to strengthen security posture across services

### AI & Product Security

* Assess risks associated with AI and LLM-powered workflows
* Design controls against prompt injection, data leakage, model abuse, and adversarial attacks
* Collaborate with product teams to embed security into AI-driven experiences
* Develop security standards for emerging AI systems

### Monitoring & Compliance

* Build security metrics, dashboards, and monitoring capabilities
* Support audits and compliance initiatives including ISO 27001 and SOC 2
* Improve detection and response capabilities across applications and infrastructure
* Help establish security processes that scale with company growth

### Offensive Security

* Conduct penetration testing and security assessments
* Coordinate external security reviews and penetration tests
* Perform threat modeling for critical systems and workflows
* Validate fixes and track remediation to closure

## What We're Looking For

* 5+ years of experience in Application Security, Cloud Security, Product Security, or Security Engineering
* Strong understanding of OWASP Top 10, SANS Top 25, and modern attack vectors
* Experience securing cloud environments, preferably AWS
* Hands-on experience with CI/CD security tooling and automation
* Strong understanding of Docker, Kubernetes, and container security
* Experience writing code or scripts to automate security processes
* Familiarity with modern security tooling across vulnerability management, CSPM, WAF, and monitoring
* Ability to work cross-functionally and influence engineering decisions
* Strong ownership mindset with a bias toward action

## Nice to Have

* Experience securing AI or LLM-powered products
* Experience with identity verification, fraud prevention, fintech, or compliance platforms
* Knowledge of cloud abuse prevention, bot mitigation, and API security
* Experience running bug bounty or responsible disclosure programs
* Familiarity with ISO 27001, SOC 2, PCI-DSS, or similar frameworks
* Security certifications such as OSCP, OSWE, CISSP, or AWS Security Specialty

## **Why AiPrise**

* Build **mission-critical software** that directly fights financial crime and fraud for companies like Meta and leading fintechs
* Work with diverse, complex datasets from 200+ countries
* Join a **fast-moving YC-backed startup** where your work has immediate customer impact
* **Ship quickly** — your code will reach production in days, not months
* **Collaborate in-person** with a talented, mission-driven team in San Jose
* Competitive compensation with meaningful equity upside

Skills:

Information Security, Software Security