Job Overview: 

We are seeking a Software Engineer – Security & Privacy to design and implement secure systems, ensuring data protection and compliance with industry standards. This role requires expertise in security engineering, cryptography, and privacy-preserving technologies to safeguard applications against evolving threats.

As a Security & Privacy Engineer, you will collaborate with development teams to integrate security best practices, conduct threat modeling, and build privacy-focused solutions. You will play a key role in strengthening security infrastructure, protecting sensitive data, and ensuring compliance with regulations like GDPR, CCPA, and ISO 27001.

Key Responsibilities:

• Design and implement secure architectures, authentication, and access control mechanisms

• Develop and maintain privacy-preserving solutions, including encryption and anonymization techniques

• Conduct security assessments, penetration testing, and threat modeling

• Identify and remediate vulnerabilities in applications, networks, and infrastructure

• Ensure compliance with data protection regulations (GDPR, CCPA, HIPAA, ISO 27001)

• Implement and optimize encryption, hashing, and secure communication protocols

• Develop and enforce secure coding best practices across development teams

• Work with DevOps to implement secure CI/CD pipelines and cloud security measures

• Stay updated on emerging security threats, attack vectors, and industry standards

Qualification

Education: 

• Bachelor’s or Master’s degree in Computer Science, Software Engineering, or a related field

Experience:

• 3+ years of experience in software security engineering

• Strong proficiency in security best practices, cryptographic techniques, and secure coding

• Experience with application security, penetration testing, and threat modeling

• Hands-on experience with authentication protocols (OAuth, SAML, OpenID Connect)

• Knowledge of network security, firewalls, IDS/IPS, and secure cloud architectures

• Familiarity with privacy frameworks, anonymization techniques, and compliance standards

• Experience with security tools (Burp Suite, Metasploit, OWASP ZAP, Wireshark)

• Understanding of secure software development lifecycle (SDLC) and DevSecOps principles

Skills:

• Expertise in security engineering, cryptography, and data privacy

• Proficiency in Python, Go, C++, or Java for secure software development

• Experience with penetration testing, vulnerability scanning, and threat modeling

• Strong understanding of encryption, authentication, and access control mechanisms

• Familiarity with compliance standards (GDPR, CCPA, HIPAA, ISO 27001, SOC 2)

• Hands-on experience with cloud security (AWS, Azure, GCP) and container security

• Strong analytical and problem-solving skills with a security-first mindset.