Senior Product Security Engineer

Truemeds India
Truemeds India

Software Engineering, Product

Bengaluru, Karnataka, India

Posted on Jun 30, 2026

Senior Security Engineer - Product Security

Location: Mumbai/Bangalore

Experience: 3-4+ years

Type: Hands-on, product-focused

What this role is about

We’re looking for a hands-on Product Security Engineer who enjoys breaking things (ethically), understanding how systems actually work, and fixing security issues before they become incidents.

You’ll work closely with engineering teams to secure our web, mobile, and API platforms and help embed security naturally into how products are built.

This is not a policy-only or tool-only role. You’ll be close to the code, architecture, and developers.

What you’ll do (day to day)

  • Review applications and APIs for real-world security issues, not just OWASP checklists
  • Threat model new features and architecture changes before they go live
  • Test web and mobile applications through hands-on black-box testing
  • Help developers fix vulnerabilities and explain why they matter
  • Set up and maintain security checks in CI/CD pipelines (SAST, SCA, IaC scanning)
  • Coordinate penetration tests, review findings, and make sure issues actually get fixed
  • Manage our Truemed’s VDP Program
  • Review AWS security basics - AWS WAF, S3 exposure, secrets, and logging

What we’re looking for

  • 3-4+ years of hands-on experience in application or product security
  • Strong understanding of web, mobile (android / iOS) and API security fundamentals
  • Practical experience with DevSecOps tools and CI/CD pipelines
  • Ability to work closely with engineering teams and explain security clearly
  • Comfortable operating in a fast-moving product environment

Nice to Have

  • Experience with AWS-native services
  • Prior work in consumer-scale or data-sensitive platforms

Why you’ll enjoy working here

  • You’ll have ownership and visibility, secure healthcare data.
  • Security feedback is taken seriously and acted on
  • You’ll help shape how product security works as the company grows