Senior Software Engineer - Security

About the Company

At Redpin we simplify life's most important payments. Buying a new property overseas can be a stressful time, especially when it comes to moving your money. Through our Currencies Direct and TorFX brands we've been helping people do just that for over 25 years. With recent investment we're now on a mission to build a new range of digital products and services that will make moving money Internationally for Real Estate purchases even easier

We're on a mission to become the solution for Real Estate payments everywhere. To do this, we are transitioning our business from a horizontal FX platform to a verticalized, embedded software company, as we look to the future and Redpin 2.0.

As part of this mission, we're thrilled to announce we have opened a new office in Hyderabad!

About the Role

We are looking for a Senior Security Engineer to lead and scale our cloud and application security practices. This role is critical in designing secure architectures, implementing best-in-class security controls, and proactively defending against modern threats—especially in a cloud-native and AI-augmented environment.

You will collaborate closely with Security & Compliance, DevOps, SRE, Platform, and Engineering teams to embed security across the SDLC. You'll also play a strategic role in shaping our security roadmap, ensuring alignment with regulatory requirements and evolving risks.

What You'll Do

• Cloud & Infrastructure Security
• Design and enforce cloud security architecture across AWS/Azure/GCP
• Develop guardrails via Policy-as-Code (OPA, Sentinel, SCPs, etc.)
• Implement cloud posture management tools (e.g., Wiz, CrowdStrike, Prisma Cloud, CSPM)
• Application Security
• Lead secure coding practices, code reviews, and SDLC integration (SAST, DAST, SCA)
• Threat modeling and risk assessments for new and existing applications
• Automate AppSec testing within CI/CD pipelines
• AI & Modern Threats
• Define security strategy and guardrails for AI-based platforms and tools
• Ensure protection of AI model integrity, prompt injection risks, and data exposure
• Collaborate on ethical AI usage and compliance with AI-related standards
• Security Governance & Compliance
• Support compliance initiatives: SOC 2, ISO 27001, GDPR, HIPAA, etc.
• Develop policies, procedures, and risk controls aligned to regulatory needs
• Work with internal audit and legal to ensure ongoing compliance readiness
• Security Enablement & Monitoring
• Build and refine security dashboards, alerts, and KPIs
• Collaborate with DevOps/SRE to ensure observability and response readiness
• Conduct security incident analysis and root cause investigations
  
  
  
  

What You'll Need

• 8+ years in cybersecurity roles, with 5+ years in cloud and application security
• Strong understanding of:
• Cloud-native architectures (Kubernetes, containers, serverless)
• Identity and access management (IAM), secrets management
• Modern DevSecOps practices
• Experience with:
• Cloud platforms (AWS/GCP)
• Security tools: OPA, Terraform Sentinel, HashiCorp Vault, Snyk, ZAP, etc.
• IaC and CI/CD pipelines (e.g., GitLab, Jenkins, GitHub Actions)
• Familiarity with AI security risks and safe deployment patterns
• Strong grasp of security frameworks and standards (NIST, CIS, OWASP, ISO)
  
  

Bonus Points

• Certifications: CISSP, CCSP, OSCP, GCP/AWS Security Specialist, or similar
• Experience with Policy-as-Code frameworks and security automation
• Exposure to AI/ML systems, LLMs, or model governance concepts
• Experience building security programs from scratch or scaling across orgs