Product Security Engineer

Hiring expert Product Security Engineers to be part of a young and leading Enterprise SaaS Product Company that’s redefining the Loyalty domain!

At Loyalty Juggernaut, we’re on a mission to revolutionize customer loyalty through AI-driven SaaS solutions. We are THE JUGGERNAUTS, driving innovation and impact in the loyalty ecosystem with GRAVTY®, our SaaS Product that empowers multinational enterprises to build deeper customer connections. Designed for scalability and personalization, GRAVTY® delivers cutting-edge loyalty solutions that transform customer engagement across diverse industries including Airlines, Airport, Retail, Hospitality, Banking, F&B, Telecom, Insurance and Ecosystem.

Visit www.lji.io to know more about us.

As a Product Security Engineer, you'll to ensure the security of GRAVTY® throughout the development lifecycle. In this role, you will work closely with Engineering, DevOps, and Product teams to design and implement security controls, identify vulnerabilities, and drive secure coding practices. Your responsibilities will include and not limited to

• Lead and conduct Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, API, and infrastructure.
• Think like an attacker and simulate advanced threat scenarios to proactively identify security gaps.
• Utilize leading security tools such as Burp Suite, Acunetix, OWASP ZAP, Snyk, Wiz, and others.
• Leverage offensive security platforms and toolkits like Wireshark, Metasploit, Kali Linux, and more.
• Perform API and mobile platform security testing, including vulnerability discovery and exploit validation.
• Execute and document Open-Source Intelligence (OSINT) investigations.
• Collaborate closely with DevOps/Engineering to integrate security tools into CI/CD pipelines and promote DevSecOps best practices.
• Contribute to secure coding reviews and vulnerability triage, and assist in patch, compliance, and access control management.
• Monitor and respond to production security alerts and assist with security incident handling.

To be successful in this role, you should have

• A Bachelor’s degree in Engineering , preferably CS/IT.
• 1–3 years of proven experience in penetration testing and vulnerability management.
• Strong coding/scripting proficiency in Python, Java, Ruby, or similar.
• Familiarity with AWS cloud, Linux systems, Docker containers, and infrastructure security practices.
• Exposure to DevSecOps, including implementing security tools in CI/CD, and production environment protection.
• Experience in Secure Development Lifecycles, access controls, and patch & compliance frameworks.
• Industry-recognized certifications like CEH, eWPT, eWPTX, or equivalent are a plus.
• Excellent analytical, communication, and collaboration skills.
• A curious mind, a passion for security, and a knack for staying one step ahead of adversaries.