Return to jobs list

Principal Security Engineer

Job type: Full Time · Department: Engineering · Work type: On-Site

Bengaluru, Karnataka, India

Principal Security Engineer

Company Overview Sarvam AI is a pioneering generative AI startup headquartered in Bengaluru, India. Our mission is to make generative AI accessible and impactful for Bharat. Founded by a team of AI experts, Sarvam.ai is dedicated to developing cost-effective, high-performance AI agents tailored for the Indian market, enabling enterprises to tap into new opportunities and foster deeper customer connections. Join us in reshaping AI for India and beyond.

About the Role

Sarvam AI is building foundational AI infrastructure. We’re looking for a hands-on security leader who brings the rigor, threat modeling discipline, and paranoia of BFSI/Fintech Security and applies it to security AI infrastructure, platforms and products.

You will own security, strategy, product security, and security research, while staying deeply technical and close to the system you're securing. You won’t be managing audits all day - you’ll be designing architectures, breaking systems and shipping fixes.

What You’ll Own

Security Strategy & Architecture

  • Define and evolve Sarvam AI’s end-to-end security strategy

  • Design secure architectures for Sarvam’s products and API platform.

  • Apply BFSI-grade threat modeling and controls to AI infrastructure

  • Make pragmatic risk decisions balancing research velocity and security

Product & Application Security

  • Lead threat modeling for AI Products, APIs and Data Systems

  • Own application and API security, including auth, access control and data isolation

  • Drive vulnerability discovery, remediation and verification

    Systems and Processes

  • Setup systems and process to proactively find and validate vulnerabilities across products and infrastructure

  • Perform targeted adversarial testing and red-teaming

  • Research emerging threats relevant to AI systems and enterprise use cases

  • Cloud & DevSecOps

  • Secure cloud infrastructure, IAM and secrets

  • Integrate security checks into CI/CD without slowing teams down

  • Improve detection and response readiness

You would be a good fit if

  • You have hands on experience working on securing enterprise and BFSI/Fintech infrastructure

  • Have participated in CTFs in web, crypto, pwn or mixed categories

  • Has participated in bug bounty programs, especially private programs for fintech, cloud or infra companies

Made with