About us
The global hiring revolution is shaping a future where talent can thrive everywhere driving innovation and progress on a global scale.
Multiplier is at the forefront of this change. By removing barriers and simplifying global hiring were creating a level playing field where businesses and individuals (like you) can compete grow and succeed regardless of geography.
Multiplier empowers companies to hire onboard manage and pay talent in 150 countries quickly and compliantly. Our mission is to build a world without limits where ambitious businesses can look beyond borders to build their global dream teams. Our unified employment platform complete with world-class EOR AOR and Global Payroll products means it has never been easier to seize the global hiring opportunity.
Were backed by some of the best in the business (Sequoia DST and Tiger Global) are led by industry-leading experts scaling fast and seeking brilliant like-minded enthusiasts to join our team. The future is borderless. Lets build it together.
About the Role
Multiplier is seeking a highly skilled Lead Security Engineer to join our engineering organization. This role is critical to designing implementing and maintaining robust security measures across our entire infrastructure and applications ensuring the confidentiality integrity and availability of our systems. You will play a key role in building a proactive security posture and fostering a security-first culture.
What would you do / key responsibilities
- Secure Architecture & SDLC: Design and build secure systems across all layers (network OS application) implement AppSec and Secure SDLC practices including SAST DAST and SCA.
- Cloud & Container Security: Develop and enforce security best practices for containerization ECS and Kubernetes and manage secrets/key management.
- API Security: Ensure the security of GraphQL and REST APIs.
- DevSecOps & Automation: Drive DevSecOps enablement by integrating security into CI/CD pipelines and implement SOAR for automated incident response.
- Security Operations (SOC): Oversee and mature SOC operations including SIEM management log correlation incident response (IR) runbooks and drills and integration of threat intelligence for proactive threat hunting.
- Vulnerability Management & Testing: Lead internal/external VAPT conduct penetration testing (web API mobile cloud) plan red/purple team exercises coordinate phishing simulations and manage bug bounty programs and the Coordinated Vulnerability Disclosure (CVD) process.
- Vulnerability Remediation & Hardening: Drive post-VAPT remediation manage vulnerability scanning track patch management/misconfigurations establish infrastructure baselining (CIS STIGs) and report on exposure windows.
- Collaboration & Mentorship: Collaborate with engineering SRE and IT to embed security and mentor junior security engineers.
Required Qualifications
- 8 years of experience in Security Engineering AppSec DevSecOps or a related security-focused role.
- Proficiency in at least one modern programming language (e.g. Go Python Java).
- Strong understanding of secure architecture principles for network OS and application layers.
- Hands-on experience with AppSec tooling (SAST DAST SCA) and implementing Secure SDLC.
- Proven experience with container/ECS/Kubernetes security.
- Deep knowledge of secrets and key management solutions.
- Experience with API security including GraphQL and REST.
- Demonstrable experience with DevSecOps enablement and pipeline integrations.
- Strong knowledge of incident management frameworks and leading high-severity incident response.
- Experience with SIEM and log correlation tools.
- Familiarity with threat intelligence feeds and proactive threat hunting.
- Proven track record of conducting VAPT penetration testing and red/purple team exercises.
- Experience managing bug bounty programs and external security testing vendors.
- Hands-on experience with vulnerability scanning and configuration management.
- Excellent communication documentation and collaboration skills.
Preferred Qualifications
- Prior experience in a high-scale production environment.
- Certifications in Security (e.g. OSCP OSWE CISSP GSEC AWS Certified Security - Specialty).
- Experience with SOAR platforms and automating security workflows.
- Knowledge of compliance frameworks (e.g. ISO 27001 SOC 2).
What We Offer:
- High-impact role with the chance to play a key role in a rapidly growing company.
- Full autonomy in your role with the flexibility to work in a hybrid environment.
- Work with a passionate energetic and diverse team.
- Competitive benefits recognition programs and career development opportunities.
- Attractive ESOPs giving you a stake in the companys success.
- Comprehensive health insurance coverage for you and your familys well-being.
- Generous holiday policy.
- A company that genuinely invests in your professional success.
Equal Employment Opportunity
Multiplier is an equal opportunity employer. We value diversity. We do not discriminate based on race religion color national origin gender sexual orientation age marital status veteran status or disability status.