PhonePe, one of India’s leading digital payment platforms, offers a dynamic environment where innovation meets the highest standards of security. As a company handling millions of transactions daily, safeguarding user data and ensuring secure integrations are at the core of its mission.
In this role, you will be instrumental in maintaining the security framework that upholds PhonePe’s reputation for trust and reliability. You’ll be at the forefront of evaluating, implementing, and enhancing security measures across diverse aspects of the platform, from internal applications to third-party and payment integrations.
Your responsibilities will span a broad range of security domains, including penetration testing, threat modeling, and cloud security. By working closely with cross-functional teams, you’ll define robust security practices and help design secure systems that scale with PhonePe’s growing ecosystem.
PhonePe values professionals who bring technical depth, a keen eye for detail, and the ability to manage multiple projects in a fast-paced setting. Certifications such as OSCP and experience in bug bounty programs will set you apart as a candidate for this role, reflecting your commitment to excellence in cybersecurity.
Joining PhonePe means playing a pivotal role in shaping the secure digital economy of the future, ensuring that millions of users trust the platform with their financial transactions and data.
| PhonePe Product Security Engineer Apply Link | Apply Link |
Responsibilities of the Role:
- Serve as the go-to security expert, addressing internal queries and requests related to security engineering.
- Specialize in third-party and payment system integrations, with a foundational understanding of network security principles.
- Strategically balance product development goals with security risk mitigation.
- Conduct penetration testing for both internal and external applications to identify vulnerabilities and enhance security.
Key Qualifications and Requirements:
- Holistic Testing: Ability to evaluate applications comprehensively, including edge cases and potential vulnerabilities in third-party integrations.
- Technical Expertise: Deep understanding of technology to collaborate effectively with technical teams in designing secure, functional frameworks and establishing best practices.
- Effective Communication: Strong interpersonal skills to proactively update stakeholders on identified issues and resolutions.
- Process Automation: Commitment to automating routine tasks to streamline operations and minimize manual workloads.
- Project Management: Proven ability to juggle multiple projects while maintaining focus and efficiency.
- Attention to Detail: A natural eye for detail to identify and address even the smallest potential risks.
- Comprehensive Security Knowledge: Familiarity with key security concepts, including:
- OWASP Top 10 vulnerabilities
- Mobile security considerations
- PRD reviews
- Threat modeling
- Red teaming
- Source code review
- DevSecOps practices
- Cloud security
- Fraud detection and mitigation
- Business logic vulnerabilities
- Data security measures
- Preferred Experience: Certifications like OSCP or a history of bug bounty participation are highly advantageous.
This role demands a proactive, detail-oriented professional with a passion for securing complex systems while supporting business innovation.
Additional Information
Job Location(s): Bangalore
Experience: No prior experience required
Working Days: 5 Days