Security Engineer

Fi is a money management platform that helps users get better with their money — spend smarter, save better, and take control of their financial journey. We’re not a bank; we’re reimagining the way people interact with money.
About Fi:We’re a Series C fintech startup founded by ex-Google Pay leaders, backed by the best (Sequoia, Ribbit, Alpha Wave, etc.). Our mission is to help people maximise their financial potential — and we’re doing it with thoughtful design, deep tech, and zero BS.
As a Security Engineer at Fi, you’ll play a pivotal role in building and scaling secure systems that serve millions of users. This isn’t just a checkbox role — it’s a deep, hands-on opportunity in a super lean, high-trust security team. You’ll have direct ownership, collaborate across engineering, product, DevOps, compliance and legal teams and shape the future of secure banking experiences in India.

What You’ll Do:

• Oversee a broad spectrum of information security areas within the company.
• Perform comprehensive security assessments, such as penetration testing, vulnerability scanning, and code analysis, to detect vulnerabilities in web applications, APIs, mobile platforms, and cloud environments.
• Prioritise "Shift Left" methodologies by embedding preventative security measures throughout the Software Development Life Cycle (SDLC).
• Develop and maintain security tools, scripts, and automation frameworks to streamline security processes such as scanning, monitoring, and incident response
• Actively participate in DevSecOps practices by integrating automated security verifications into the CI/CD pipeline.
• Partner with engineering teams and DevOps team to resolve and fix discovered security flaws.
• Experience with various cloud computing environments, with a preference for Amazon Web Services (AWS).
• Familiarity with industry compliance frameworks like PCI DSS and ISO 27001 is preferrable.
• Engage in compliance audits by ensuring completeness of all necessary evidence and documentation.
• Supports the delivery of security awareness and training programs for software developers.

What Makes This Role Special:

•  We won the GFF 2024 Award for Best Digital Banking Security Practices — a recognition of excellence in consumer-grade fintech security.
• That’s a big deal. B2C fintech means securing real-time systems, real money, and real people — at scale. It’s where security meets experience, trust, and regulation. You’ll learn how to secure systems with RBI oversight, data privacy at scale, and user-first thinking baked into every layer.

We’re a lean team — no red tape, no silos. That means:
• You get to own big pieces of the puzzle.
• You’ll wear multiple hats and level up rapidly.
• You’ll learn directly from our founders, CTO, and cross-functional CXOs.

What We’re Looking For:

• 2–6 years of experience in security engineering or related roles.
• Strong fundamentals in application security, cloud security (AWS preferred).
• Experience with common tools like Burp Suite, Metasploit, Nessus etc.
• Bonus: exposure to compliance frameworks (ISO27001, SOC2, PCI-DSS) or RBI/NPCI/SEBI guidelines.
• Grit, curiosity, and the ability to operate independently in a high-trust team.

What You Get at Fi:

• Unmatched learning — across security, fintech, compliance, user behaviour, and growth
•  The Learning Stash — a dedicated fund for your personal and professional up-skilling
•  20 days PTO, unlimited sick leave, generous parental leave,
•  Daily lunches, a stocked micro kitchen, in-house gym, and Biryani Fridays
•  Medical + life insurance for you and your family, plus 24x7 therapy support
•  FiAspire Projects — our internal gig program to explore new skills and roles
•  Game rooms, Premier Leagues, and work that’s actually fun

Selection Process :  Once you apply via the careers page, we will reach out to shortlisted candidates with further steps.
We are currently functioning from office in Bangalore.  We aspire to create an inclusive culture of diverse people not just because it's the right thing to do but because heterogeneity inspires us and is more fun! We employ people solely on merit and do not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law.