Security Architect - AI-Powered Security Engineering
**Security Architect - AI-Powered Security Engineering
About the Team**
The security team at Meesho is like the Avengers to Meesho's S.H.I.E.L.D. When 5% of Indian households shop with us, it’s important to build resilient systems to manage millions of orders every day. We’ve done this, with zero downtime! We value speed over perfection, and see failures as opportunities to become better. By 2030, Meesho will be the world’s most trusted and secure digital ecosystem, operating on an AI-native, Zero-Trust, self-healing architecture. As we shift toward an era where autonomous agents generate and deploy code, we want to ensure our security scales seamlessly with engineering velocity. We place special emphasis on the continuous growth of each team member, fostering a strong 'Founder’s Mindset' that helps us move fast.
About the Role
We are looking for a highly technical, hands-on Security Architect (Individual Contributor) to guide and lead our AI-Powered Security Engineering charter. In this role, you will bridge the gap between conventional DevSecOps, infrastructure security, and the rapidly evolving landscape of AI. You will optimize our AI-driven Software Development Lifecycle (SDLC) by designing secure-by-default guardrails for both human developers and AI coding agents. Your mission is to ensure near-zero vulnerabilities from application and data security failures reach production. A significant portion of your focus will involve advanced Red Teaming, utilizing LLMs to improve Meesho's security posture, and architecting defenses for our autonomous AI systems against prompt injection, data leakage, and jailbreaking attacks.
What You Will Do
Lead AI Security Architecture: Drive the technical roadmap and high-level design to continuously prevent, detect, and autonomously contain threats across our systems and AI agents.
Hands-on Prototyping & POCs: Build proof-of-concepts for autonomous agent harnesses that automatically detect, analyze, and mitigate security vulnerabilities in real-time.
AI SDLC Optimization: Architect non-bypassable security guardrails across the SDLC for both developers and AI coding agents to ensure production systems are secured by default.
Red Teaming & Adversarial Validation: Proactively execute adversarial testing by simulating real attack scenarios across APIs, AI systems, and infrastructure to validate defense mechanisms.
Protect AI Systems: Design deep technical defenses to protect all AI agents and experimental features from prompt injection, system misuse, manipulation, and unauthorized actions.
Zero-Trust Governance: Architect a Zero Trust Identity Control Plane that eliminates implicit trust, ensuring access for both humans and autonomous agents is time-bound, least-privileged, and continuously verified.
Technical Leadership & Influence: Act as a security expert and IC leader. Mentor security engineers, provide architectural guidance across the organization, and partner closely with ML, DevOps, and Platform teams to evangelize secure coding practices without direct reporting lines.
What You Will Need
Experience: 10+ years of hands-on technical experience across different areas of security, including infrastructure security, product security, system design, and DevSecOps.
AI/ML Security Expertise: Proven track record of leveraging coding agents and LLMs for security workflows, Red Teaming GenAI models, and building defenses against jailbreaking, adversarial ML, and model hallucination risks.
DevSecOps & Cloud Mastery: Deep technical proficiency with cloud platforms like AWS or GCP, including their security tools, Docker, and containerization technologies.
Technical Proficiency: Proficiency in programming languages such as Java, Node.js, and Python, combined with hands-on experience securing production code, developing security tooling, and performing manual source code reviews.
Strategic Vision & Threat Modeling: Ability to architect secure-by-default platform capabilities so all services inherit baseline security automatically, paired with advanced threat modeling skills for AI-native and distributed architectures.
Bonus Points
Relevant certifications such as GIAC Web Application Penetration Tester (GWAPT) or OffSec’s Advanced Web Attacks and Exploitation (WEB-300).
Strong understanding of emerging AI security frameworks (e.g., MITRE ATLAS, NIST AI RMF).
Experience participating in bug bounty programs or speaking at meetups/conferences.
Developing Security products and frameworks.
Job Details
Experience
Staff · 10+ yrs