Jupiter was founded in 2019 by Jitendra Gupta, best known as the founder of Citrus Pay. The idea was simple: why should personal finance be the one experience that isn't customer-centric? That question sparked a mission to build a modern, intuitive platform that puts people in control of their money.

When we launched in 2021, over 100,000 people were already on the waitlist. Within 10 months, we crossed 1 million users. Today, 2.8 million+ users trust Jupiter to manage their finances — from automated spending insights across all their savings accounts, to the Edge CSB Bank RuPay credit card, to No-Penalty SIPs and Daily SIPs starting at ₹10.

We've built this on cutting-edge technology, strong data analytics, and a diverse team of creative thinkers and domain experts who share a vision for accessible, transparent, and inclusive finance. Now we're looking for like-minded people to join the crew.

The Role

We're looking for a Security Engineer 2 with hands-on experience in web and Android penetration testing, DevSecOps pipeline hardening, and security automation. You should be current with the evolving threat landscape and skilled at leveraging AI to improve security tooling and workflows.

Responsibilities

Security Engineering & Automation

Design and implement security automation frameworks for threat detection, remediation, and compliance validation across cloud and application layers
Develop tools and scripts to enhance security visibility across AI model pipelines, APIs, and data integrations
Integrate security controls into CI/CD workflows, including SAST, DAST, SCA, and IaC scanning
Lead periodic VAPT (Vulnerability Assessment & Penetration Testing) for web apps, mobile apps, agentic AI platforms, and connected services

Cloud & Infrastructure Security

Secure multi-cloud environments (AWS/OCI) using native and third-party tooling
Build and maintain IaC security baselines with automated configuration drift detection
Configure and manage WAF rules for DDoS mitigation and bot protection
Enforce secrets management, IAM policies, and container security best practices across production workloads

AI & Data Security

Collaborate with engineering teams to remediate vulnerabilities and enforce secure SDLC practices
Conduct internal security training and phishing simulations
Apply AI model security and data privacy principles to protect sensitive data flows

Compliance & Governance

Contribute to the implementation and maintenance of ISO 27001, SOC 2, DPDPA, and PCI DSS controls

Requirements

3+ years of experience in product security or a related field
Proven hands-on experience with security assessments, threat modeling, code reviews, and penetration testing
Strong understanding of secure coding practices and secure SDLC principles
Proficiency in scripting languages such as Python, Bash, or similar
Working knowledge of OWASP, static/dynamic analysis tools, and common security frameworks (CWE, CVSS)
Excellent communication and collaboration skills, with the ability to influence cross-functional teams
Strong analytical and problem-solving abilities
Ability to manage multiple projects and prioritize effectively
A genuine passion for building secure products and fostering a security-first culture

Preferred Qualifications

Experience with AWS/OCI infrastructure security
Hands-on experience securing PII and sensitive content
Understanding of compliance frameworks such as RBI, NPCI, SOC 2, DPDPA, and ISO 27001

Nice to Have

Experience in a fintech or startup environment
Knowledge of red teaming methodologies
Certifications such as OSCP, AWS/GCP Security Specialty, CEH, CISSP, or CKS
Exposure to multi-cloud environments including GCP and OCI

Why Jupiter

Ownership mindset — We value people who see projects through to completion
Meaningful problems — We tackle real challenges and craft delightful customer experiences
Healthy debate — We value consent over consensus, and reward ownership and commitment
Continuous growth — We constantly raise the bar; if you crave learning, this is the place

Security Engineer 2