Security Engineer II

At SAFE Security, our mission is bold and ambitious: We Will Build CyberAGI — a super-specialized system of intelligence that autonomously predicts, detects, and remediates threats. This isn’t just a vision—it’s the future we’re building every day, with the best minds in AI, cybersecurity, and risk. At SAFE, we empower individuals and teams with the freedom and responsibility to align their goals, ensuring we all move towards this goal together. We operate with radical transparency, autonomy, and accountability—there’s no room for brilliant jerks. We embrace a culture-first approach, offering an unlimited vacation policy, a high-trust work environment, and a commitment to continuous learning. For us, Culture is Our Strategy—check out our Culture Memo to dive deeper into what makes SAFE unique. We’re looking for a Security Engineer II to join our SecOps team and play a critical role in strengthening the security posture of our products and production environment. In this role, you’ll partner closely with engineering, operations, and program management teams to design, assess, and continuously improve secure systems at scale. What You’ll Do:

Primary role is to work with the SecOps team, focusing on product and production environment security

Conduct SAST, SCA, and Secrets Scanning of the source using an automated tool, and then perform manual analysis of the findings

Conduct fortnightly, as a part of sprint ceremonies, a  manual security assessment of the new product features for web/mobile applications and APIs 

Monitor and fine-tune the DAST scan engine and review findings reported by the tool

Automate IaC code scanning and prioritize patching of those findings with the engineering team and operations team

Monitor, validate, and prioritize vulnerabilities in the production environment pertaining to Container and Serverless functions

Conduct an application log review to prevent sensitive information disclosure

Monitor  the Cloud Native Application Protection Platform for new misconfiguration security issues

Proactively collaborate with the engineering and the program management team for patch prioritization

Build and maintain automation of various security pipelines related to SAST, DAST, Vulnerability SLA, Manual Assessment Dashboard, and other SecOps activities

Coordinate with the scrum teams to identify the per-sprint manual security assessment scope and schedule a walkthrough of the feature and its implementation

Maintain and enhance developer security pattern guidelines

Create and present a weekly dashboard for DevSecOps activities and the changes in the security posture of the environment

Coordinate with the third-party security vendor for the product VAPT exercise

What We’re Looking For:

M.Tech or B.Tech / B.E. / BCA in Computer Science or Information Technology

Must have hands-on experience in conducting Application and Cloud Security as well as utilizing tools such as Burp Suite Professional, SAST, and CNAPP tools

Extensive knowledge of validating and identifying the actual impact of security issues that result from the various security assessment activities

Working knowledge of code repository solutions

Working knowledge of scripting language (Python, Shell Script, JS, etc.) for automation of certain repetitive tasks and internal SecOps initiatives

Able to manage and guide a team

Experience with Agile Scrum Methodology

Effective documentation, communication, and interpersonal skills

Any of the following certifications would be preferred: