Job description
Security Engineer (Individual Contributor)
Experience: 6-10 years
About WazirX:
At WazirX, we’re not just building software – we’re pioneering the future of finance. As a young, passion-driven company at the cusp of the crypto revolution, we’re looking for innovative thinkers and relentless creators who align with our mission of making crypto accessible to all Indians. If joining a vibrant team of top talent, pushing boundaries, and reshaping the industry through constant learning and breakthrough ideas excites you, WazirX is where you belong.
About the Role:
WazirX is looking for a skilled Security Engineer with expertise in securing web and mobile applications, as well as identifying vulnerabilities across both application and infrastructure layers. This role is perfect for someone with a “hacker mindset” who enjoys uncovering vulnerabilities in web applications, APIs, and infrastructure. The ideal candidate is proactive, self-motivated, and committed to enhancing the security of our platforms by identifying and addressing vulnerabilities.
Responsibilities:
- Conduct in-depth vulnerability assessments and penetration tests on web applications, APIs, infrastructure, and cloud environments to identify high-risk vulnerabilities.
- Simulate attacker methods on both our applications and infrastructure to expose and assess real-world risks, developing realistic exploitation scenarios.
- Collaborate closely with engineering teams to prioritize and remediate vulnerabilities in both application and infrastructure components.
- Provide actionable recommendations for improving application and infrastructure security and assist teams in implementing these enhancements.
- Stay current on the latest security threats, vulnerabilities, and attack vectors across application and infrastructure domains.
- Develop secure coding, configuration, and deployment practices across both applications and infrastructure.
- Document security findings clearly, ensuring that both technical and non-technical audiences understand the issues and solutions.
Skills & Qualifications:
- Experience: 6-10 years in a Security Engineer, Penetration Tester, or similar role focused on both application and infrastructure security.
- Certifications: Relevant certifications in ethical hacking, penetration testing, or security engineering are highly desirable.
- Technical Expertise: Proficient in identifying and exploiting vulnerabilities across web applications and infrastructure, including common attack vectors such as SQL Injection, Cross-Site Scripting (XSS), insecure configurations, and network misconfigurations.
- Programming & Scripting: Proficiency in at least one programming or scripting language (e.g., Python, JavaScript, Bash, or PHP).
- Tools: Experience with security tools for both applications and infrastructure, including Burp Suite, Metasploit, Nmap, AWS Security Hub, and similar tools for cloud and network security.
- Cloud & Infrastructure Knowledge: Familiarity with security best practices for AWS and container security (e.g., Docker, Kubernetes).
- Self-Starter: Highly self-motivated, thrives on independent research, and continuously seeks out new challenges.
- Team Impact: Effective communication and collaboration skills, with a strong ability to advocate for security and influence cross-functional teams.
Preferred Requirements:
- Regular engagement in bug bounty programs or responsible disclosure programs in personal time, with proven success in reporting vulnerabilities.
- Experience in securing infrastructure environments, cloud networks, and virtualized systems.
- A track record of independent security projects and active participation in security communities.
- Passion for fostering a proactive security culture across both application and infrastructure teams.
Why WazirX?
- Work from Anywhere: As a remote-first company, we believe great work can happen from anywhere. Enjoy the flexibility to work from wherever you feel most productive and supported.
- Shape the Future of Crypto: Be at the forefront of the crypto revolution, working on groundbreaking projects that redefine financial freedom for millions.
- Own your role & push the envelope: We’re a fast-growing company that encourages every team member to take on responsibility, push boundaries, and continuously learn. Your growth is as important to us as our own.
- Mission-Driven Culture: Join a team that is on a mission to make crypto accessible to every Indian. You’ll collaborate with creative thinkers and driven problem-solvers united by a shared mission.
- Flexibility and Autonomy: We trust our team to take ownership. With our flexible culture, you’ll have the autonomy to work in a way that suits you, with the resources and support you need to succeed.
- Cutting-Edge Tech: Work with the latest tools and technologies, contributing to a product that’s built on a foundation of innovation and scalability.
- Collaborative Environment: At WazirX, great ideas come from every corner. You’ll work closely with cross-functional teams to bring your ideas to life and make a visible impact.
