Security Engineer - 3

Hiring Manager :: Sanjog Panda

About Navi

Navi is one of the fastest-growing financial services companies in India providing Personal & Home Loans, UPI, Insurance, Mutual Funds, and Gold. Navi's mission is to deliver digital-first financial products that are simple, accessible, and affordable. Drawing on our in-house AI/ML capabilities, technology, and product expertise, Navi is dedicated to building delightful customer experiences.

Founders: Sachin Bansal & Ankit Agarwal

Know what makes you a Navi_ite: 

1 Perseverance, Passion and Commitment

• Passionate about Navi's mission and vision
• Demonstrates dedication, perseverance and high ownership
• Goes above and beyond by taking on additional responsibilities

2 Obsession with high quality results

• Consistently creates value for the customers and stakeholders through high-quality outcomes
• Ensuring excellence in all aspects of work
• Efficiently manages time, prioritizes tasks, and achieves higher standards

3 Resilience and Adaptability

• Adapts quickly to new roles, responsibilities, and changing circumstances, showing resilience and agility

What do we do at Navi Security?

Engineers at Navi love to work on cutting-edge technologies, experiment, and build things that will change the world of finance for a better future. Being a fin-tech company, we firmly believe that our consumers' security and privacy are crucial, and committed to achieving the same.

As a security engineer, you would be working in a varied domain within the product security team, from taking tech challenges head-on to evangelising security across groups by helping them understand security bugs, and enabling them to write secure software. 

You would be spending time pen-testing, developing, and deploying vulnerability management tools across CI/CD security solutions. As there would be multiple hats to wear, we expect you to be good at the skills below.

Responsibilities :

• Perform security assessments at least on two technologies such as web, Mobile, Infra, and APIs. Develop Proof Of Concept for exploit.
• Build proactive security controls, and automate a few monotonous security testing activities.
• Understand problem statements, and research, and take a solution-oriented approach.
• Hands-on experience with handling cloud security posture in AWS or any relative cloud environment. 
• Understands how IaC (Terraform, cloud formation, helm charts) works and is able to audit and work on it. 
• Do threat modeling, and architecture reviews and provide recommendations on secure product design
• Review existing and new 3rd party integrations with Navi.
• Coding skills to develop POC and security tools to build, and maintain toolings to improve security maturity.
• Become a Security SME and respond to internal security incidents.

Qualifications :

• A solid background in product security engineering, with a proven track record of 3-5 years in similar roles.