MisuJob - AI Job Search Platform MisuJob
Login Sign Up

Product Security Engineer

Shopback 2

Bangalore, India Remote permanent

Posted: May 6, 2026

Interested in this position?

Create a free account to apply with AI-powered matching

Register to Apply

Quick Summary

The Product Security Engineer is responsible for ensuring the security of ShopBack's platform, implementing security measures to protect user data, and collaborating with cross-functional teams to identify and resolve security vulnerabilities.

Required Skills

Product Security Threat Modeling Secure Design Reviews Vulnerability Analysis Secure code analysis AI-Powered Tooling Vulnerability Management Incident Response Compliance Cloud-Native Security

Job Description

Our Journey

The ShopBack Group is Asia-Pacific’s leading shopping, rewards, and payments platform, serving over 60 million shoppers across 13 markets. In 2025, the Group continued its global growth with its expansion into North America. Driven by the vision to make every day more rewarding, ShopBack is dedicated to saving members money and time, and delivering delight every day. The platform also enables merchants and brands to engage with their members in a cost-effective manner. Founded in 2014, ShopBack now powers over US$5.5 billion in annual sales for over 20,000 online and in-store partners, and has rewarded shoppers with more than US$800 million (over S$1 billion) in Cashback to date. Through its innovative offerings, ShopBack continues to create value for both members and merchants. Notably, its payment solution, ShopBack Pay, offers members a convenient and rewarding payment option at checkout.

About the Role

We are hiring a Product Security Engineer to join our small, high-leverage Information Security team. In this hands-on role, you will partner directly with engineering, SRE, and platform teams to build security into every phase of the software development lifecycle from design through production.

You will own threat modeling and secure design reviews for new features, lead vulnerability analysis and secure code reviews across our microservices and mobile applications, and help mature our AI-first security toolings. This is a builder role: we expect you to ship tooling, not just write tickets.


Your Adventure Ahead:

Lead threat modeling and secure design reviews for new products, features, and architectural changes, identifying and prioritizing risks, attack surfaces, and trust boundaries early in the SDLC.


Conduct secure code reviews and vulnerability analysis across our microservices, APIs, web, and mobile surfaces. Partner with engineers to drive remediation and uplift secure coding practices.


Build and evolve AI-powered agentic security tooling. Treat AI as a first-class capability, not a bolt-on.


Run and improve ShopBack's vulnerability management program, prioritizing findings using EPSS, CISA KEV, and business context, and driving time-to-remediation through automation and partnership with engineering teams.


Support incident response for product security incidents including blast radius analysis, root cause analysis, variant hunting, and post-incident hardening.


Partner with compliance on evidence and controls for multiple audits bridging engineering reality with audit requirements.


Essentials to Succeed:
Core experience


3 to 4 years of hands-on product or application security experience — including securing cloud-native, microservices, and mobile applications in production environments.


Strong threat modeling skills — practiced with STRIDE, attack trees, or equivalent frameworks. You can walk a team through a design, surface the real risks, and produce actionable mitigations, not theoretical lists.


Design review depth — able to read an architecture diagram or PRD and identify weak authentication, authorization gaps, data exposure risks, insecure integrations, and systemic issues. Comfortable pushing back with a clear, pragmatic security rationale.


Vulnerability analysis and secure code review — proficient reviewing code (Node.js/TypeScript, Python, Go, or similar) for OWASP Top 10, business logic flaws, authz issues, and supply chain risks. You understand the difference between a CVE and an exploitable vulnerability in context.


Programming proficiency — at least one of Python, TypeScript/Node.js, or Go. You write tooling, not just tickets.

AI and forward-looking capability


Genuine fluency with modern AI tooling — you use LLMs, coding agents, and MCP-based tooling in your day-to-day security work, and can speak to concrete examples of leverage you've created with them.


Understanding of AI/ML security risks — prompt injection, data exfiltration via agents, insecure tool use, model supply chain, and related attack classes. You don't need to be a researcher, but you should be current.


Builder mindset for AI-first security — excited by the idea of architecting security workflows with AI as a first-class capability rather than layering AI on top of existing processes only.


Learning to Execution Mentality — With the evolving space of AI, you must keep up with the next-gen technology being released, cutting the noise and clutter, and applying those insights into tooling and processes.

Ways of working


Pragmatic and high-signal — you focus on high-severity, high-impact findings and are allergic to low-severity noise. You know when to push, when to accept a risk, and when to automate a decision.


Strong written communication — you can reduce a complex finding to a crisp risk statement, a clear recommendation, and a realistic remediation path for a busy engineering team.


Collaborative by default — you drive outcomes through partnership with engineering, not gatekeeping. You're comfortable being the only security voice in a roomful of engineers and earning influence through substance.


Comfortable with ambiguity and ownership — our security team is lean; the role has broad scope and the autonomy that comes with that.


ShopBackers' DNA

• Grit - We tackle all challenges head-on, working together to solve problems and achieve success.

• Hunger - We value hard work, and having relentless drive.

• Speed - We move fast and have a bias for action, all to deliver maximum impact.

• Impact - We focus on results, always aiming for the best possible outcomes and timelines.

• Growth - We embrace a growth mindset, constantly striving to learn, improve, and excel in our roles.

Exclusively for ShopBackers

• Career progression paths and opportunities to take on greater challenges that help you realise your ambitions.

• Be part of a winning team on a journey to global scale.

• Competitive compensation based on your performance.

• Candid, open, and collaborative culture where feedback is valued, for everyone to grow and improve every day.

ShopBack is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sexual orientation, national origin, age, disability, genetic information, veteran status, or any other protected status under applicable laws. Join our team and help us make a difference!

Why Apply Through MisuJob?

AI-Powered Job Matching: MisuJob uses advanced artificial intelligence to analyze your skills, experience, and career goals. Our matching algorithm compares your profile against thousands of job requirements to find positions where you have the highest chance of success. This saves you hours of manual job searching and ensures you only see relevant opportunities.

One-Click Applications: Once you create your profile, applying to jobs is effortless. Your resume and cover letter are automatically tailored to highlight the most relevant experience for each position. You can apply to multiple jobs in minutes, not hours.

Career Intelligence: Beyond job matching, MisuJob provides valuable career insights. See how your skills compare to market demands, identify skill gaps to address, and understand salary benchmarks for your experience level. Make data-driven decisions about your career path.

Frequently Asked Questions

How do I apply for this position?

Click the "Register to Apply" button above to create a free MisuJob account. Once registered, you can apply with one click and track your application status in your dashboard.

Is MisuJob free for job seekers?

Yes, MisuJob is completely free for job seekers. Create your profile, get matched with jobs, and apply without any cost. We help you find your dream job without any hidden fees.

How does AI matching work?

Our AI analyzes your resume, skills, and experience to understand your professional profile. It then compares this against job requirements using natural language processing to calculate a match percentage. Higher matches mean better fit for the role.

Can I apply to jobs in other countries?

Absolutely. MisuJob features jobs from companies worldwide, including remote positions. Filter by location or look for remote opportunities to find jobs that match your preferences.

Ready to Apply?

Join thousands of job seekers using MisuJob's AI to find and apply to their dream jobs automatically.

Create Free Account Sign In
← Browse all jobs
Register to Apply