About Fam (previously FamPay) Fam is India's first payments app for everyone above 11. FamApp helps make online and offline payments through UPI and FamCard. We are on a mission to raise a new, financially aware generation, and drive 250 million+ youngest users in India to kickstart their financial journey super early in their life. Founded in 2019 by IIT Roorkee alumni, Fam is backed by some of the most respected investors around the world like Elevation Capital, Y-Combinator, Peak XV (Sequoia Capital) India, Venture Highway, Global Founder’s Capital and the likes of Kunal Shah, Amrish Rao as angel investors. About this Role Join Us as a Cyber Guardian at Fam! At Fam, we're looking for someone who thinks like a hacker but works for the good guys—someone who's obsessed with ensuring ZERO vulnerabilities in our technology. As a key member of our product security team, you’ll be the first line of defense, protecting our users' data, money, and identity. Your mission? Keep our digital infrastructure safe and secure, so our users can trust us without a second thought. If you're ready to take on this responsibility and make a real impact, we want you on our team!
On the Job
Conduct application penetration testing to identify vulnerabilities in FamApp’s software products
Perform cloud penetration testing to assess the security of our cloud infrastructure
Analyze and report on security findings, providing recommendations for remediation
Collaborate with development teams to integrate security best practices into the software development lifecycle
Stay updated on the latest security trends, threats, and best practices.
Must-haves (Min. qualifications)
Bachelor’s degree in Computer Science, Information Security, or a related field
At least 4-7 years of experience in application penetration testing and cloud penetration testing
Proficiency with tools such as Burp Suite, Metasploit, Nessus, and AWS Security tools
Strong understanding of common web application vulnerabilities like SQL injection, XSS, and CSRF
Familiarity with cloud security concepts and technologies, particularly AWS and Azure.
Good to have
Experience in Capture The Flag (CTF) competitions
Participation in bug bounty programs and recognition in any hall of fame
Contribution to CVE (Common Vulnerabilities and Exposures) entries
Possession of relevant certifications such as CEH, OSCP, or AWS Certified Security – Specialty would be advantageous.
Why join us?
Join a dynamic, lean team of engineers and gain the opportunity to work on security, making a meaningful impact for millions of users.
Opportunity to work on challenging & advanced tech