BENGALURU · FULLTIME
Security Engineer

Razorpay
Bengaluru · onsite · Posted 2d ago
Your match
Sign in to see your match score, skill gaps & tailored resume.
Section · 01
About this role
AI Security Engineer
Role Summary ● We are hiring an AI Engineer who will build agentic systems and AI-driven automation for our security and infrastructure functions. ● The ideal candidate is AI-native first — fluent in LLMs, agent frameworks, and prompt/context engineering — with working knowledge of security and a strong grasp of infra/deployment. ● This is not a traditional security engineering role. We want someone who thinks in terms of agents, tools, and orchestration, and who can ship AI systems that operate against real production infrastructure. ● Reports into Security/Platform leadership; collaborates with SecOps, CloudSec, AppSec, and SRE teams.
What You'll Build ●
Agentic security workflows — multi-agent systems (planner-executor, orchestrator-subagent) for IR triage, threat hunting, alert correlation, and compliance evidence collection. ●
MCP servers and clients that wrap internal tools (SentinelOne, Zscaler, AWS APIs, Active Directory, Jamf, Semgrep, etc.) so agents can act on production systems. ●
AI-driven infra automation — agents that deploy, configure, and remediate Kubernetes workloads, IAM policies, network rules, and cloud resources. ● L
LM-powered detection and response pipelines — log summarisation, anomaly explanation, runbook execution, and automated containment with human-in-the-loop guardrails. ●
Evals, guardrails, and safety layers for production AI systems handling sensitive data. ● Internal AI platform — gateways, model routing, prompt registries, and observability for LLM use across the org.
Must-Have: AI Engineering ● Hands-on experience building production systems with Claude (Anthropic API), OpenAI, or equivalent frontier LLMs — not just chatbot demos. ● Strong prompt engineering and context engineering — understands tool-use loops, structured outputs, evals, and failure modes. ● Built at least one agentic system end-to-end — planner-executor, ReAct, orchestrator-subagent, or similar. ● Experience with MCP (Model Context Protocol) — has built MCP servers/clients or equivalent tool-wrapping abstractions. ● Comfort with agent frameworks — Claude Agent SDK, LangGraph, AutoGen, CrewAI, or custom orchestration. ● Working knowledge of local inference — Ollama, LM Studio, vLLM, llama.cpp — and proxy layers like LiteLLM. ● Familiarity with fine-tuning, RAG, and embeddings — knows when to reach for each. ● Has shipped at least one AI system that took real actions on real systems (not read-only analysis).
Must-Have: Infra & Deployment ● Strong Kubernetes chops — has deployed and operated workloads on EKS/GKE/AKS, written Helm charts or Kustomize, and debugged pod/networking/RBAC issues. ● AWS or GCP depth — IAM, VPC, networking, secrets, observability. ● Infrastructure as Code — Terraform, Pulumi, or CDK. ● CI/CD — GitHub Actions, ArgoCD, or similar; understands deployment patterns (blue-green, canary). ● Comfortable making agents drive infra changes — knows the diff between "agent suggests a Terraform plan" and "agent applies it" and how to gate the latter safely. ● Container security basics — image scanning, Pod Security Standards, admission controllers.
Nice-to-Have: Security Knowledge (Add-on) ● Familiarity with at least one of: SIEM/XDR (SentinelOne, Splunk), SAST/DAST (Semgrep, Burp), CSPM (Wiz, Prowler), or DLP/SSE (Zscaler). ● Awareness of OWASP Top 10 for LLMs, prompt injection, jailbreaks, and data exfil via LLMs. ● Conceptual understanding of compliance regimes — PCI DSS, ISO 27001, SOC 2, RBI, DPDP — enough to know what "evidence" means. ● Threat modelling fundamentals (STRIDE) and MITRE ATT&CK literacy. ● Note: We are not looking for a CISSP profile. Security knowledge is an add-on; AI engineering and infra are the primary bar. Mindset ● Builder, not just a researcher — ships systems, not just notebooks. ● Pragmatic about AI — knows what LLMs are bad at and designs around it (deterministic fallbacks, validators, human-in-the-loop). ● Safety-aware — thinks about prompt injection, tool abuse, and blast radius before an agent gets sudo. ● Comfortable with ambiguity — this space changes monthly; you should enjoy that. Location - Bangalore
Sourced from linkedin · view original
Let the agent run this one for you.
Tailored resume, auto-apply, and referral lookup — in under 2 minutes.
Section · 02
Skills
Section · Company
About Razorpay

Razorpay
FinTech
3.9k+
employees
2014
12 years old
Bangalore,Karnataka
India
About
Industries
Employee ratings
716 reviews
Culture
3.4
Career growth
2.8
Work-life
3.3
Employees rate it well for
Find them on