We love people who define their surroundings and who are constantly looking to learn new things. We value honesty and integrity above all. We love people who are honest, self-aware and intent on bettering themselves each day. If you love growth - professional and personal, then MediaMint is most likely the place for you!

What do we do :

MediaMint is an AI-powered Revenue Operations services company dedicated to accelerating innovation and revenue growth for platforms and publishers worldwide. Our mission is to enhance operational efficiency, scalability, customer satisfaction, and data-driven insights through advanced technology, automation, and AI capabilities. We serve industry leaders across AdTech, Consumer, CTV, Publishing, and Retail.

Job Description :

Were looking for a hands on Security Engineer who can blend application security, cloud security, and platform guardrails to protect a fast moving, multi tenant AI platform. You will design and automate secure by default patterns, harden our Kubernetes and cloud stack, and embed security into the SDLC so engineers can ship quickly with confidence.

What Youll Do :

- Secure SDLC & DevSecOps : Embed SAST/DAST/SCA, dependency & container scanning, SBOMs, and signed images (e.g., Cosign) into CI/CD (GitHub Actions / Jenkins).

- Define policy gates and practical risk?based SLAs.

- Threat Modeling & Architecture : Lead threat models for agents, microservices, data flows, and AI/ML pipelines; advise on Zero Trust patterns, secure multi tenancy, and safe data sharing.

- Cloud Security (AWS/GCP/Azure) : Design IAM least privilege (SCPs, ABAC/RBAC), network segmentation (VPCs, Security Groups, NACLs), WAF, KMS/HSM key management, secret rotation, and hardened baselines.

- Kubernetes & Container Security : Enforce admission controls/OPA, network policies, pod security, runtime protections (e.g., Falco), image provenance, secrets management (Vault/Cloud Secrets), and cost aware isolation for AI workloads.

- Data Protection & Privacy : Implement encryption in transit/at rest, tokenization/pseudonymization for PII, fine grained access controls, auditability, data retention, and secure sharing patterns.

- Identity & Access : Own SSO/OIDC/OAuth2, SAML, workload identity, service to service mTLS, and API auth/authorization for internal and customer facing services.

- Detection & Response : Build actionable detections (SIEM/SOAR such as Datadog/Splunk), tune alerts, lead incident response and blameless post mortems, and run tabletop exercises.

- Vulnerability & Posture Management : Operate CSPM/KSPM, IaC security (Terraform checks, drift detection), dependency management, and coordinated pentesting/bug bounty triage.

- Compliance Enablement : Partner with GRC to support SOC 2/ISO 27001 and privacy regimes (GDPR/DPDP). Automate evidence collection through controls ascode.

- Developer Enablement : Build paved roads, reusable libraries, and secure templates; run a security champions program and office hours to multiply impact.

What You Must Bring :

- 5+ years in Product Security / Cloud Security / Platform Security for production systems.

- Proven expertise in one major cloud (AWS strongly preferred) and Kubernetes security at scale.

- Proficiency in Python (preferred) or Go/Bash for automation; strong Linux/networking fundamentals.

- Hands on with DevSecOps toolchains : SAST/DAST/SCA, container & IaC scanners, SBOMs,
Sigstore/Cosign, OPA/Gatekeeper.

- Strong command of IAM, secrets management (Vault/SM), key management (KMS/HSM), and API security.

- Experience building detections and incident response runbooks with SIEM/SOAR.

- Clear, pragmatic communication with engineers and non technical stakeholders; bias for enablement over gatekeeping.

- At least one relevant certification is mandatory (e.g., AWS Security Specialty, Google

Professional Cloud Security Engineer, CKS/CKA, CISSP, OSCP, GSEC, or HashiCorp/Terraform).

Bonus Points :

- Exposure to AI/ML security : supply chain risks for models/agents, prompt injection defenses, feature store governance, model packaging (MLflow/Kubeflow/Vertex AI).

- Experience with service mesh (Istio/Linkerd) mTLS, API gateways, or event-driven architectures.

- Familiarity with AdTech/MarTech/RevOps domains and data privacy nuances.

- Contributions to security OSS, bug bounties, or published research.

About MediaMint :

MediaMint is a global professional services firm specializing in digital marketing and consulting. We work with a broad spectrum of clients - from Fortune 500 to start-ups. Our mission is to provide strategic, operational and technical support that drives performance and delivers outstanding results for our clients. Our vision is to be the transformative operating partner for media and technology companies worldwide. We currently have 7 offices.

Our headquarters is in Hyderabad and it is our main delivery and operations center. Our other offices are in San Francisco, New York, Spain, Canada, Mexico, Krakow (Poland) and Ilorin (Nigeria). MediaMint currently employs more than 3000+ dedicated professionals.