RemoteLeaf Logo
Log in Sign up

Senior Security Engineer, Product Security

1 hour, 52 minutes ago
India
Full-time
Senior
Security Engineer
Cybersecurity
Bash Encryption Go Java LLM Penetration Testing Python
Apply Now
Ocrolus

Ocrolus

Ocrolus is a leading document automation platform in financial services, digitizing bank and credit card statements with over 99% accuracy. It empowers lenders to automate credit decisions, enabling faster access to credit for borrowers.

Banks
251-1K
Founded 2014
$127M raised
View All Jobs 19

Description

  • Work with the CISO to define the product security strategy, roadmap, and metrics for tracking security posture.
  • Conduct design and architecture reviews for Ocrolus products and infrastructure.
  • Perform code reviews and application security assessments, including AI and LLM components.
  • Partner with development teams on secure design reviews and threat modeling exercises.
  • Research potential vulnerabilities and threats affecting Ocrolus products and help define mitigation plans.
  • Serve as a key resource for developers on secure product development issues.
  • Run penetration tests against critical data, services, and environments and document findings and protections.
  • Write and share security guidelines, remediation guidance, and security technology baselines.
  • Collaborate with stakeholders to secure AI deployments through best practices and adversarial testing.
  • Guide engineering teams on secure coding, testing practices, and broader security culture adoption.

Requirements

  • 4+ years of experience in product security across code, web applications, and APIs.
  • Experience with threat modeling, design reviews, code reviews, web application security, and enterprise cloud penetration testing.
  • Strong understanding of the secure software development lifecycle (SDLC) and how to integrate security into development processes.
  • Ability to automate product security processes and improve productivity with SAST and DAST tools.
  • Proficiency in at least one programming language such as Java, Python, Go, or Bash.
  • Knowledge of authentication, authorization, and access control mechanisms, cryptographic algorithms, and secure network communication protocols.
  • Experience with cloud security architecture and infrastructure.
  • Ability to explain vulnerabilities such as XSS, SQL injection, CSRF, cryptographic weaknesses, and code injection to technical and non-technical audiences.
  • Self-driven with strong communication and prioritization skills.
  • Preferred: published CVEs or application security articles, open-source security contributions, or certifications such as OSCP.

Benefits

  • Remote position based in India.
  • Remote-first company environment.
  • Opportunity to grow skills and take ownership of your work.
  • Meaningful impact on a fast-growing security program and the broader mission.
  • Inclusive workplace committed to diverse perspectives and equal opportunity.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Zscaler

Detection Engineer- SkillBridge Intern

Zscaler 1K-5K Internet Software & Services

Zscaler is hiring a remote Detection Engineer- SkillBridge Intern for its Red Canary R&D team to analyze security telemetry and help create fast, practical detections for customers.

United States Internship Entry Level Security Engineer
Cybersecurity SIEM
27 minutes ago
WaveStrong,

Mainframe Security SME

WaveStrong, 51-250 Internet Software & Services

A contract Mainframe Security SME is needed to lead Broadcom ACF2 to RACF migration work, supporting the design, conversion, implementation, and governance of security controls for a z/OS enterprise environment.

India Contract Lead Security Engineer
HIPAA
52 minutes ago
Stripe

Security Engineer - Threat Detection

Stripe 5K-10K Diversified Financial Services

Stripe is hiring a Detection Engineering & Threat Hunting professional to build and scale threat detections and hunting capabilities across its global infrastructure, applications, and cloud environments.

Ireland Full-time Senior Security Engineer
Apache Spark AWS Azure Databricks Elasticsearch GCP Linux macOS Python SIEM Splunk SQL Trino
58 minutes ago
Apptronik

Security Engineer - Data Platform

Apptronik 51-250 Aerospace & Defense

Apptronik is hiring a Security Engineer to define and secure the hybrid cloud and on-premise deployment environment for its Apollo humanoid robots used in industrial settings.

United States Full-time Senior Security Engineer
Ansible Encryption Go Helm Kubernetes Linux OpenID Connect Python SAML Terraform
1 hour, 7 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers