More jobs:
Job Description & How to Apply Below
Location: Bengaluru
Job Title - Senior Security Engineer (Infra & Cloud Security)
Location:
Bangalore
About Tazapay
Tazapay is a cross border , global payment fintech . They offer local collections via local payment methods, virtual accounts and cards in over 70 markets. The merchant does not need to create local entities anywhere and Tazapay offers the additional compliance framework to take care of local regulations and requirements. This results in decreased transaction costs, fx transparency and higher auth rates.
They are licensed and backed by leading investors.
What's exciting waiting for you
This is an amazing opportunity for you to join a fantastic crew before the rocket ship launch. It will be a story you will carry with you through your life and have the unique experience of building something ground up and have the satisfaction of seeing your product being used and paid for by thousands of customers. You will be a part of a growth story in securing critical payment infrastructure that spans both application security and cloud security across 70+ markets.
We believe in a culture of openness, innovation & great memories together.
About The Senior Security Engineer Role
As a Senior Security Engineer, you will play a pivotal role in securing our entire technology stack - from application-level security to cloud infrastructure protection. You will lead comprehensive security initiatives across our AWS cloud environments and payment applications built with Node.js and GoLang microservices, while leveraging AWS security services and modern security tools to protect against evolving threats. This role combines deep technical expertise in both application security and cloud security with leadership responsibilities.
Key Responsibilities
AWS Cloud Security Architecture
Design and implement comprehensive security architecture for AWS cloud environments
Configure and manage AWS Shield for DDoS protection across payment processing infrastructure
Implement and optimize AWS Cloud Front security configurations including WAF rules, SSL/TLS, and origin protection
Secure AWS services including EC2, ECS, EKS, Lambda, RDS, S3, and API Gateway
Design and implement network security controls using VPC, Security Groups, NACLs, and AWS Transit Gateway
Establish secure CI/CD pipelines for Node.js applications and GoLang microservices
Application & Infrastructure Security
Secure Node.js applications running on AWS infrastructure including container and serverless environments
Implement security controls for GoLang microservices deployed across multiple AWS regions
Configure and manage AWS WAF rules for web application protection
Implement container security for Docker containers running Node.js and GoLang applications
Secure Kubernetes clusters (EKS) hosting microservices architecture
Manage secrets and configuration security using AWS Secrets Manager and Parameter Store
Monitoring & Incident Response
Implement comprehensive security monitoring using AWS Cloud Trail, Guard Duty, and Security Hub
Deploy and manage Prowler for continuous AWS security monitoring and compliance validation
Utilize Scout Suite for regular multi-cloud security posture assessments
Configure Gitleaks monitoring for continuous secret detection across development workflows
Implement Open Grep rules for real-time security vulnerability detection in application code
Configure Cloud Watch alarms and automated incident response workflows
Develop and maintain security dashboards and reporting mechanisms
Respond to security incidents and conduct forensic analysis in cloud environments
Implement automated threat detection and response capabilities
Monitor and analyze Cloud Front access logs and security events
Compliance & Risk Management
Ensure AWS infrastructure compliance with financial industry regulations (PCI DSS, SOX, GDPR)
Conduct regular security assessments using Prowler for AWS compliance validation and Scout Suite for comprehensive security audits
Implement continuous compliance monitoring through automated tools and custom security frameworks
Implement and maintain data protection controls for payment processing workloads
Perform risk assessments for cloud services and architectures
Develop and maintain disaster recovery and business continuity plans
Support compliance audits and regulatory assessments
Automation & Dev Sec Ops
Implement Infrastructure as Code (IaC) security using Terraform, Cloud Formation, and AWS CDK
Integrate Gitleaks for automated secret scanning in CI/CD pipelines and repositories
Deploy Open Grep (Semgrep) for static analysis and security vulnerability detection in Node.js and GoLang codebases
Utilize Prowler for comprehensive AWS security assessments and compliance checks
Implement Scout Suite for multi-cloud security auditing and configuration reviews
Develop security automation scripts and tools using Python, Bash, and AWS SDKs
Integrate security scanning and compliance checks into CI/CD pipelines
Automate security policy enforcement across AWS accounts and regions
Implement automated…
Position Requirements
10+ Years
work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×