Senior Software Engineer – AWS, Backend & Security Platform

Title: Senior Software Engineer - AWS, Backend & Security Platform

Fixed CTC: 2430 LPA

ESOP: Separate from CTC, meaningful founding-stage grant

Location: Bengaluru

Stage: Hands-on founding builder with strong AWS/backend capability

Start date: September 2026.

By Year 3-5, this role can grow in one of two directions.

Engineering leadership path: Lead Engineer Engineering Manager Head of Engineering, for someone who wants to build teams and own delivery.

Technical leadership path: Founding Senior Software Engineer Chief Architect CTO-track technical leader, for someone who wants to stay deeply hands-on and become one of the technical brains behind Aletras platform.

To help us assess real product/security thinking, shortlisted applicants will be asked to submit a one-page architecture note, max 500 words at admin@aletra.ai, on asset discovery and classification for a hypothetical Indian fintech environment across AWS, Snowflake, and Google Workspace.

Aletra already has product architecture leadership in place. This is a hands-on builder role. You will not be hired to tell us what category to build or write strategy decks. You will work with the product architect and founding team to turn DSPM, DLP, GenAI security, governance, and identity concepts into production-grade customer-facing product capabilities.

Aletra is hiring a hands-on founding senior software engineer to build our AWS customer-facing security platform. The role sits at the intersection of DSPM, DLP, GenAI security, governance, and identity. You will build backend services, connectors, metadata pipelines, classification workflows, risk scoring, evidence generation, and customer-facing security workflows. This is not an architecture-only, DevOps-only, SOC, GRC, or consulting role.

What Youll Build

• Build AWS-first backend services, APIs, workers, queues, metadata pipelines, and customer-facing product workflows.
• Build connectors and integrations for AWS, Snowflake, Google Workspace, Microsoft 365, GitHub, Slack, Okta, and similar systems over time.
• Build product capabilities for asset discovery, sensitive data classification, access/permission analysis, exposure risk, data movement, and policy evidence.
• Translate DSPM and DLP concepts into working product features: discover data, classify it, assess who has access, identify exposure, detect risky movement, and support remediation workflows. DSPM typically centers on discovering/classifying sensitive data and assessing exposure, access permissions, and risk; DLP focuses more on identifying, monitoring, and protecting sensitive data from unauthorized movement or leakage.
• Build GenAI security and governance features around prompt/data leakage, RAG data exposure, AI usage evidence, model access, policy controls, and customer reporting.
• Work inside an AWS-first environment with IAM, KMS, S3, CloudTrail, GuardDuty, Macie, EventBridge, Lambda, ECS/EKS, RDS, Terraform, and production observability.
• Work closely with the product architect, but personally own implementation, trade-offs, debugging, and shipping.

What Youll Bring

• 5 to 8 years of hands-on software engineering experience, preferably in backend, cloud, data, security, SaaS, or platform-product environments.
• Strong production engineering ability in Python, Go, Java, or Node.js. Python is strongly preferred. Go is a plus.
• Strong AWS-first product engineering depth. You should be comfortable with IAM, KMS, S3, CloudTrail, GuardDuty, Macie, EventBridge, Lambda, ECS/EKS, queues, logs, and production debugging.
• Experience building APIs, backend services, workers, integrations, metadata pipelines, scanners, policy engines, reporting workflows, or customer-facing SaaS features.
• Practical familiarity with sensitive data environments, including at least three of: PostgreSQL/MySQL, MongoDB/DynamoDB, S3/object storage, Snowflake/BigQuery/Redshift, Google Workspace/Drive, SharePoint/OneDrive, Databricks/data lakes.
• Ability to turn broad concepts like DSPM, DLP, GenAI security, governance, and identity into working product features. We are not looking for someone who only knows the terms; we want someone who can build the underlying services.
• Comfort with Terraform-managed infrastructure. You do not need to be the landing-zone owner, but you should know how to build product services in an IaC-managed AWS environment.
• Familiarity with security/compliance frameworks such as SOC 2, ISO 27001, DPDP Act, GDPR, NIST, or CERT-In. You do not need to be a compliance specialist, but you should understand how technical controls become customer-facing evidence.
• A real shipping track record. In the last 1218 months, you should be able to explain what you personally built, what went live, and what outcome it created.
• Strong written technical communication. Aletra is async-first; architecture notes, implementation decisions, and trade-offs must be clear in writing.

Not the right fit if

• This is not an architecture role. We already have product architecture leadership.
• This is not a DevOps-only, Terraform-only, SOC analyst, GRC consultant, pentesting-only, or IT administration role.
• This is not an Azure-first/M365 security administration role. Aletra is AWS-first.
• This role requires daily hands-on building.

Who You'll Work With

• Reports to: CEO. Weekly one-on-one, daily standup with the founding team, and biweekly architecture review.
• Direct collaborators: the two ML/AI Engineers joining within the first quarter (you own the security-side interface to the GenAI Data Security module they build); the Sales Engineer joining in the second month (demo environments and security collateral); the Compliance Specialist joining in the fourth month (SOC 2 evidence and regulator-facing security narrative).
• External: Aletra's first three to five design partners. The SOC 2 auditor. CERT-In and DSCI engagement (paired with the Compliance Specialist). Cloud-provider security teams as needed.

Aletra is an equal opportunity workplace and complies with the POSH Act 2013.