Security Engineer - Penetration Testing, IAM, and Backend Security

Company Description Swades AI is India’s first dedicated AI R&D lab, focused on turning foundational research in AI, large language models, and computer vision into real-world products. The organization is committed to making AI accessible, practical, and beneficial across sectors and communities. Teams at Swades AI work on cutting-edge technologies that bridge advanced research and scalable deployment. Joining Swades AI means contributing to the AI revolution in India while working in a collaborative, impact-driven environment.

Role Description This is a full-time, remote role for a Security Engineer specializing in Penetration Testing, Identity and Access Management (IAM), and Backend Development. The Security Engineer will perform penetration tests on web applications, APIs, and infrastructure, identify vulnerabilities, and collaborate with engineering teams to design and implement secure fixes. The role includes designing and maintaining IAM policies and configurations, implementing least-privilege access controls, and monitoring for suspicious authentication and authorization activities. The individual will work closely with backend developers to embed security into services, review code and architecture from a security perspective, and contribute to secure design patterns, threat models, and security automation. Day-to-day responsibilities also involve collaborating with cross-functional teams, maintaining security documentation, and staying current with emerging threats, tools, and best practices in cybersecurity.

Qualifications

• Strong foundation in Security Engineering and Cybersecurity, with hands-on experience designing and implementing secure systems and processes.
• Practical experience in Application Security, including penetration testing of web applications and APIs, secure coding practices, and vulnerability remediation.
• Knowledge of Network Security and Information Security principles, including network segmentation, encryption, logging, monitoring, and incident response fundamentals.
• Experience with IAM concepts and technologies (e.g., OAuth2, OpenID Connect, RBAC/ABAC, SSO, MFA) and integrating them into backend services.

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

• Proficiency in at least one backend programming language (such as Python, Go, Java, or Node.js) and familiarity with secure software development lifecycles (SDLC).
• Familiarity with cloud security (e.g., AWS, GCP, or Azure), containerization and orchestration (Docker, Kubernetes), and CI/CD security integration is highly beneficial.
• Ability to analyze complex systems, communicate security risks clearly to technical and non-technical stakeholders, and collaborate effectively in a remote, distributed team.
• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience; relevant certifications (e.g., OSCP, OSWE, CISSP, CEH) are a plus.