Security Engineer

About EpiFi

Who we are: Simply put, a Fin-Tech startup for digital natives. Our mission is to help our users demystify their finances, maximize their savings and spend intelligently. We are building a highly secure ‘hub’ a savings account that allows you to consolidate your finances in a single intuitive view.

Who we- re looking for: Exceptional, innovative people! Passionate about delightful user experiences, clear about doing the right thing and hungry to impact millions of lives.

Why you should work with us: We are about doing the right thing always, both for our team and users. We are a positive, transparent and inclusive community celebrating success together, encouraging bias for action and individual brilliance. We are ambitious and want everyone thinking - impact and growth- . Our office is not just fun, it is human, nimble and business-like.

With rich experience in the world's leading tech companies and banks, we deeply and equally understand both the - fin- and - tech- in fintech. Funded by leading global VCs, we- re in pursuit of a fantastic experience for both our consumers and colleagues.

What this role is about : As one of the early members of the security team, you will have an outsized impact on the priorities & direction of the security program and play a key role in building out our security program. The product freatures brings with it a unique set of security challenges, which are critical for us & we are committed to adhere to the security compliance as a central function of the business.

At epiFi you will :

• Identify critical flaws in our web applications and cloud infrastructure that could be exploited.
• Collaborate with peers to write and review technical proposals, architectural diagrams, application code and cloud formation.
• Reduce assessment time by maintaining specifications and tooling. Improve the scope of our assessments by adding new techniques and new categories of vulnerability assessments.
• Educate the organization to pre-emptively develop secure services and to prevent security regressions by organizing talks and preparing written articles.
  
  
  

You should apply if you have:

• At least 5+yrs of experience as a Security Engineer or working as a Software Engineer with deep involvement in securing web applications.
• The ability to understand complicated information-flows along with the ability to use one or more high-level programming language.
• The understanding of web technologies such as Browsers, JavaScript, APIs, Websockets, Databases, Front-End and Back-End systems.
• The understanding of web security mechanisms (such as SOP, CORS, CSP, Subresource Integrity, and same-site cookies)
• The awareness of applications implementing OAuth, SAML and JWT authentication.
  
  
  

Selection Process : Once you apply via the career page, we will reach out and reach out to schedule 3-4 rounds of video interviews with leadership & key stakeholders. In addition to assessing your technical/coding experience, expect at least 3 rounds to assess your communication & articulation ability, general aptitude, attitude and cultural fitment.

We are currently functioning from office in Bangalore.

We aspire to create an inclusive culture of diverse people not just because it's the right thing to do but because heterogeneity inspires us and is more fun! We employ people solely on merit and do not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law.