Senior Product Security Engineer

About Groww

We are a strong and enthusiastic team focused on making financial services accessible to every Indian through a multi-product platform. Each day, we help millions of customers take charge of their financial journey.

Customer obsession is in our DNA. Every product, every design, every algorithm down to the tiniest detail is executed keeping the customers needs and convenience in mind.

Our people are our greatest strength. Everyone at Groww is driven by ownership, customer-centricity, integrity and the passion to constantly challenge the status quo.

Got the keeda in you to defy conventions and embrace the extraordinary? Chat with us.

Our Vision

Every individual deserves the knowledge, tools, and confidence to make informed financial decisions. At Groww, we are making sure every Indian feels empowered to do so through a cutting-edge multi-product platform offering a variety of financial services.

Our long-term vision is to become the trusted financial partner for millions of Indians.

Our Values

Our culture enables us to be what we are Indias fastest-growing financial services company. It fosters an environment where collaboration, transparency, and open communication take center-stage and hierarchies fade away. There is space for every individual to be themselves and feel motivated to bring their best to the table, as well as craft a promising career for themselves.

The values that form our foundation are:

• Radical customer centricity
• Ownership-driven culture
• Keeping everything simple
• Long-term thinking
• Complete transparency

Roles & Responsibilities

• Assess applications and products for security vulnerabilities, design flaws and interact with project teams to understand the security requirements
• Performing Web application security testing, Mobile(Android/iOS) application security testing and Secure code review
• Conduct Product Requirement reviews, Threat modelling, Static Code Reviews and cloud security assessments
• Evaluate security vulnerabilities, think out of the box in building attack scenarios and prioritise remediation efforts
• Evaluate and improve application security tools and processes
• Research latest security best practices, staying current on new vulnerabilities and threats

Skills and Expertise

• Proficient in OWASP Top 10/SANS TOP 25, PRD Review, Threat Modelling, Red Teaming, Source Code review
• Inclination towards learning multiple areas of security and building competency to deliver a wide spectrum of security like Cloud security, devSecOps, Data security etc.
• Ability to understand tech deeply and work with respective tech teams to define functional security design and best practices framework for security
• A sharp focus on automating repeatable tasks and reducing operational overheads
• Excellent communication skills to proactively communicate with stakeholders to keep them up to speed on any issues.
• Contributions to open source projects, GSoC etc is a plus
• Certifications are not mandatory but skills are.