Lead Security Engineer

About the Role

We are seeking a lead security engineer to architect our overarching security strategy, build robust defenses, and lead our technical security operations. In this critical role, you will define enterprise-wide security policies, oversee the implementation of core defense mechanisms including Web Application Firewalls (WAF), and proactively identify risks through systematic threat modeling. You will bridge the gap between engineering, product, and executive teams, ensuring that security is a foundational element of our business operations. Overseeing the security posture across our infrastructure, applications, and cloud environment

Key Responsibilities

• Security Architecture & Threat Modeling: Architect, deploy, and enforce robust security controls across cloud infrastructure (AWS/OCI), networks, and CI/CD pipelines. Lead comprehensive threat modeling exercises for new features and enterprise architectures to identify vulnerabilities and design mitigating controls before code is written
• Perimeter Defense & WAF Management: Deploy, manage, and continuously tune Web Application Firewalls (WAF), API gateways, and bot mitigation platforms to protect critical enterprise assets against Layer 7 attacks, DDoS attempts, and OWASP Top 10 vulnerabilitie
• Strategic Leadership: Develop, implement, and maintain the organization's comprehensive security roadmap, aligning technical security initiatives with business objectives and compliance requirements
• Incident Management & Response: Direct the incident response team during critical security events, overseeing containment, eradication, forensic analysis, and executive post-mortem reporting
• Cross-Functional Collaboration: Partner directly with engineering directors and product managers to embed DevSecOps practices, acting as the primary security advisor for new product launches and major infrastructure changes
• Vulnerability & Risk Management: Oversee penetration testing, manage the bug bounty program, and lead continuous internal vulnerability management
• Mentorship & Team Building: Direct day-to-day operations for the security engineering team, providing technical mentorship, conducting performance reviews, and fostering a culture of proactive defense
• AI-Driven Security : Build, evaluate, integrate, AI powered security tools to accelerate vulnerability detection. Design and implement security guardrails for Navi's in-house AI/ML infrastructure. Proactively identify and mitigate AI-specific attack vector

Must Have

• Experience: 8+ years of progressive experience in cybersecurity, application security, or infrastructure security
• Technical Defenses: Hands-on expertise configuring and managing enterprise-grade Security tools
• Threat Intelligence & Risk: Proven expertise in enterprise threat modeling (e.g., STRIDE, PASTA), risk assessments, and leveraging frameworks like MITRE ATT&CK to proactively defend against advanced threat
• Architecture Proficiency: Advanced knowledge of cloud security architectures, container orchestration (Docker, Kubernetes), identity and access management (IAM/SSO), and zero-trust network principles
• Scripting & Automation: Strong proficiency in at least one language (e.g., Python, Go, Bash) to drive security automation, custom tooling, and infrastructure-as-code (IaC) security reviews
• AI/ML Security Expertise : Familiarity with emerging AI security frameworks (e.g., OWASP Top 10 for LLMs

About Navi

Navi is on a mission to make finance simple, accessible, and affordable for a billion Indians. Guided by a strong customer-first approach, the company is building tech-first solutions that work at scale

Their offerings include a range of financial products and services across Loans, Insurance, Mutual Funds, Digital Gold, and UPI. Founded by Sachin Bansal & Ankit Agarwal in 2018, Navi is one of Indias fastest-growing financial services organization

Our Culture

At Navi, ambition meets opportunity, and ideas turn into impact quickly. We empower people with high ownership from the start, encouraging them to solve meaningful problems and build with excellence. Teams work in an environment that values speed, collaboration, and craftsmanship, while celebrating learning, growth, and shared wins. The company is guided by The Navi OSa set of principles that shape how we work and win together. You can explore them at navi.com/our-values to see what drives them every

day.

If this feels like you, Navi is the place to grow, thrive and make a real impact