Security Engineer 2
Department:
Job Summary
Fam is Indias first payments app for everyone above 11. FamApp helps make online and offline payments through UPI and FamCard. We are on a mission to raise a new financially aware generation and drive 250 million young users in India to kickstart their financial journey super early in their life.
Were reimagining how the next generation experiences fintechgoing beyond payments to build a lifestyle brand that blends money identity and everyday experiences into one seamless intuitive journey.
Founded in 2019 by IIT Roorkee alumni Fam is backed by some of the most respected investors around the world like Elevation Capital Y-Combinator Peak XV (Sequoia Capital) India Venture Highway Global Founders Capital and the likes of Kunal Shah Amrish Rao as angel investors.
On the Job
- Identify Vulnerabilities: Conduct penetration testing to identify vulnerabilities in FamApp applications and cloud infrastructure
- Security Incident Response: Participate in security incident response including investigations root cause analysis and remediation
- Security Awareness Training: Conduct security awareness training for the team and third-party vendors to foster a culture of security and compliance
- Policies & Compliance: Develop and implement security policies procedures and standards to mitigate risks and ensure regulatory and industry compliance
- Audits: Conduct internal and external audits to ensure compliance with laws and regulations and recommend improvements as needed
- Stay Updated: On security threats and best practices in the industry
- Cross Team Collaboration: Collaborate with teams to implement security controls that align with business requirements and support company goals
Must-haves (Min. qualifications)
- At least 2-5 year of experience in security and IT compliance in Banking Industry
- Prior experience of working in a fintech industry is a must have
- Bachelors degree in Computer Science Information Security or a related field
- Proficiency with tools such as Burp Suite Metasploit Nessus and AWS Security tools
- Strong understanding of common web application vulnerabilities like SQL injection XSS and CSRF
- Familiarity with cloud security concepts and technologies particularly AWS and Azure.
- Possession of relevant certifications such as CEH OSCP or AWS Certified Security Specialty would be advantageous
- Experience developing and implementing security policies procedures and standards
Good to have
- Experience in Capture The Flag (CTF) competitions
- Participation in bug bounty programs and recognition in any hall of fame
- Contribution to CVE (Common Vulnerabilities and Exposures) entries
- Ability to analyze problems efficiently and effectively; you stay calm and focused when outages and incidents occur
Why join us
- Work in a team of less than 5 members security and compliance team
- Take full ownership of high-impact projects
- Opportunity to grow as a trust security & IT compliance leader in the industry
PS - Were looking for someone with an AI-native mindset who actively leverages AI in their day-to-day work as we encourage and embed it across every level at Fam.
Required Experience:
IC
About Company
FamX Spending Account for everyone · Get a customised card & UPI ID · Keep your bank statements clean · Track & keep expenses in check · Open for ages 11+