Senior Security Engineer

Role Summary

We are seeking a highly skilled and hands-on Senior Security Engineer with a strong focus on secure coding and automation (Python) to join our Service Operations role is ideal for engineers who are passionate about building secure scalable systems integrating security into development workflows and supporting banking/financial domain applications in a cloud-native (AWS) environment.

Key Responsibilities

• Develop and maintain security automation tools and scripts using Python to support application security and DevSecOps processes
• Perform secure code reviews across platforms (Kotlin Android iOS Python) with strong emphasis on Python-based systems
• Integrate and automate security controls into CI/CD pipelines (e.g. GitHub Actions)
• Work closely with engineering teams to embed secure coding practices into the SDLC
• Implement and manage SAST/SCA/DAST tools and automate vulnerability detection and remediation workflows
• Support API and application security (REST GraphQL) including authentication authorization and encryption practices
• Conduct basic penetration testing and vulnerability validation (mobile web APIs) depth is not required focus is on remediation and automation
• Perform threat modelling (e.g. STRIDE) and risk assessment for applications especially in banking systems
• Collaborate with infrastructure teams to ensure secure deployment on AWS cloud environments
• Contribute to application security standards policies and best practices aligned with OWASP
• Monitor and respond to emerging security threats including risks related to AI-enabled systems
• Support BAU security operations vulnerability management and continuous improvement initiatives

Required Qualifications

• 5 years of hands-on experience in Python development (mandatory strong coding capability is critical)
• 23 years of experience in application security/DevSecOps
• Experience working in banking/financial services domain
• Strong experience with AWS cloud services and cloud security practices
• Solid understanding of secure coding practices and code review methodologies
• Experience integrating security tools into CI/CD pipelines
• Familiarity with SAST/SCA/DAST tools
• Basic understanding of penetration testing concepts and tools (e.g. Burp Suite MobSF Frida)
• Knowledge of API security authentication mechanisms and cryptographic fundamentals
• Experience working in Agile/DevOps environments

Preferred Qualifications

• Experience with security automation frameworks and tooling in Python
• Exposure to AI/ML application security (e.g. prompt injection model abuse)
• Certifications such as AWS Security Specialty CSSLP OSCP (optional)
• Experience with container security (Docker Kubernetes) and IaC scanning
• Familiarity with banking security standards and compliance requirements