Branch International

DevSecOps Engineer

India
Full Time
Mid Level
 

Branch Overview
Branch is a leading AI-based lending fintech with 50M+ downloads across India and Africa. We use alternative data to reach millions of people that are largely excluded from the financial sector. Headquartered in Silicon Valley with operations in India, Nigeria and Kenya, Branch is a for-profit, socially conscious company built for scale and impact. Our mission-driven team—founded and led by the former CEO of Kiva.org—now spans 400+ employees globally. We’re backed by investors such as Andreessen Horowitz, Visa, and the IFC.

 

Job Overview

We are seeking a hands-on Cloud Security Engineer to help secure the infrastructure and platforms that power our global Fin-Tech systems. In this role, you will work at the intersection of cloud infrastructure, security engineering, and DevSecOps to identify attack surfaces, strengthen security guardrails, and embed security directly into our engineering workflows. You will focus on securing our AWS environments, container platforms, and deployment pipelines while helping engineers design systems that are resilient to real-world threats.

You will collaborate closely with platform engineers, DevOps teams, and application developers to proactively identify risks, automate security controls, and improve the overall security posture of our systems. This role requires someone who can think like an attacker but build like an engineer. You are someone who enjoys identifying weaknesses, designing preventative controls, and building security automation that scales with the platform.

You will work closely with our engineering teams across India, the United States, Nigeria, and Kenya, collaborating across time zones to help build and secure a world-class Fin-Tech platform serving millions of users globally.

As a company, we are passionate about our customers, fearless in the face of barriers, and driven by data. As an engineering team, we value bottom-up innovation and decentralized decision-making. We believe the best ideas can come from anyone in the company. We work hard to create an environment where everyone feels empowered to propose solutions, challenge assumptions, and drive meaningful impact. We are looking for individuals who thrive in a fast-moving, innovative, and customer-focused setting and want to contribute to building scalable, reliable, and efficient backend systems.

Responsibilities

  • Identify and secure attack surfaces across our AWS infrastructure, Kubernetes clusters, and internal platforms by proactively assessing misconfigurations, access risks, and exposed services.
  • Design and implement preventative cloud security guardrails including IAM hardening, network controls, secrets management, and infrastructure security best practices.
  • Conduct security design reviews for new services and infrastructure changes to identify architectural risks before systems reach production.
  • Build and integrate security checks directly into CI/CD pipelines to enforce automated scanning for vulnerabilities, container images, infrastructure configurations, and application dependencies.
  • Develop automation and internal tooling to detect, prevent, and remediate security issues such as leaked secrets, excessive permissions, insecure configurations, and vulnerable dependencies.
  • Perform threat modeling and adversarial analysis of infrastructure and application systems to identify realistic attack paths and improve system defenses.
  • Improve visibility into the security posture of our systems through monitoring, logging, and security signal generation across cloud infrastructure and workloads.
  • Investigate security incidents and vulnerabilities, perform root cause analysis, and implement long-term fixes to prevent recurrence.
  • Collaborate closely with platform, infrastructure, and application engineering teams to ensure security is embedded in development workflows and infrastructure design.
  • Contribute to building scalable security practices including vulnerability management processes, security automation frameworks, and infrastructure security standards.
 

Qualifications

  • 4–8 years of experience in cloud security, DevSecOps, security engineering, or related roles involving infrastructure and application security.
  • Strong understanding of applied cryptography and ability to choose the right security tools, techniques, and approach for securing systems from a variety of threats.
  • Strong hands-on experience securing AWS environments including IAM policies, networking controls, access management, logging, and infrastructure hardening.
  • Practical experience working with Kubernetes and containerized environments, including securing container images, workloads, and cluster configurations.
  • Experience integrating security controls into CI/CD pipelines and development workflows, including automated vulnerability scanning and dependency security checks.
  • Ability to write automation and security tooling using scripting or programming languages such as Python, Go, or similar.
  • Familiarity with Infrastructure-as-Code tools such as Terraform and an understanding of securing infrastructure configurations and deployment pipelines.
  • Experience identifying and remediating cloud security risks such as excessive IAM permissions, exposed services, insecure secrets management, and vulnerable infrastructure components.
  • Understanding of common cloud and application security threats including privilege escalation, credential leakage, network exposure, and supply chain vulnerabilities.
  • Strong problem-solving mindset with the ability to think adversarially about systems and proactively identify potential attack paths.
  • Excellent collaboration and communication skills (verbal as well as written) with the ability to work closely with engineering teams and other stakeholders to improve security posture without slowing development velocity.
  • Bonus experience includes security research, penetration testing, bug bounty participation, building internal security tooling, or contributions to security-focused open-source projects.
  • Bonus abilities include ability to lead and mentor a team, and ability to drive complex projects spanning code bases, systems, and people.
 

Why Join Us

  • Competitive salary and equity package
  • Fast-paced, collaborative, and high-autonomy work culture
  • Hybrid work setup designed for flexibility and work-life balance
  • Fully paid group medical insurance and personal accident insurance
  • Generous paid time off, plus company-declared public holidays
  • Fully paid parental leave for fathers and non-birthing parents (12 weeks), in addition to 26 weeks of statutory maternity leave
  • Monthly WFH stipend, along with a one-time home office setup budget
  • $500 annual professional development budget
  • Quarterly social meet-ups and sponsored monthly team lunches
 

We’re looking for more than just qualifications – if you’re unsure that you meet the criteria but identify with our vision of providing equal opportunity to everyone to access financial services, please do not hesitate to apply!

 

Branch International is an Equal Opportunity Employer. The company does not and will not discriminate in employment on any basis prohibited by applicable law.

 

Share

Apply for this position

Required*
We've received your resume. Click here to update it.
Attach resume or Paste resume
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

Human Check*