Security Engineer

About EpiFi

Who we are: Simply put, a Fin-Tech startup for digital natives

Our mission is to help our users demystify their finances, maximize their savings and spend intelligently

We are building a highly secure ‘hub’ a savings account that allows you to consolidate your finances in a single intuitive view

Who were looking for: Exceptional, innovative people! Passionate about delightful user experiences, clear about doing the right thing and hungry to impact millions of lives

Why you should work with us: We are about doing the right thing always, both for our team and users

We are a positive, transparent and inclusive community celebrating success together, encouraging bias for action and individual brilliance

We are ambitious and want everyone thinking impact and growth

Our office is not just fun, it is human, nimble and business-like

With rich experience in the world's leading tech companies and banks, we deeply and equally understand both the finand techin fintech

Funded by leading global VCs, were in pursuit of a fantastic experience for both our consumers and colleagues

What this role is about : As one of the early members of the security team, you will have an outsized impact on the priorities & direction of the security program and play a key role in building out our security program

The product freatures brings with it a unique set of security challenges, which are critical for us & we are committed to adhere to the security compliance as a central function of the business

At epiFi you will :

Identify critical flaws in our web applications and cloud infrastructure that could be exploited

Collaborate with peers to write and review technical proposals, architectural diagrams, application code and cloud formation

Reduce assessment time by maintaining specifications and tooling

Improve the scope of our assessments by adding new techniques and new categories of vulnerability assessments

Educate the organization to pre-emptively develop secure services and to prevent security regressions by organizing talks and preparing written articles

You should apply if you have:

At least 5+yrs of experience as a Security Engineer or working as a Software Engineer with deep involvement in securing web applications

The ability to understand complicated information-flows along with the ability to use one or more high-level programming language

The understanding of web technologies such as Browsers, JavaScript, APIs, Websockets, Databases, Front-End and Back-End systems

The understanding of web security mechanisms (such as SOP, CORS, CSP, Subresource Integrity, and same-site cookies)

The awareness of applications implementing OAuth, SAML and JWT authentication

Selection Process : Once you apply via the career page, we will reach out and reach out to schedule 3-4 rounds of video interviews with leadership & key stakeholders

In addition to assessing your technical/coding experience, expect at least 3 rounds to assess your communication & articulation ability, general aptitude, attitude and cultural fitment

We are currently functioning from office in Bangalore

We aspire to create an inclusive culture of diverse people not just because it's the right thing to do but because heterogeneity inspires us and is more fun! We employ people solely on merit and do not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law