Principal Security Engineer

Application & Platform Security

Lead | Full-Time | Remote (India preferred) / Guwahati | Permanent

Compensation

INR 45 - 75 LPA + equity.

Engagement

Full-Time

Permanent role. Full-time commitment. Remote-first, with periodic in-person off-sites.

Scope of role

Set direction within your domain. Build and mentor a team. Own outcomes at the function level.

01 — The role

Why this role exists at EduRankAI

Own EduRankAI's security posture: application security, infra security, data privacy (DPDPA 2023 + GDPR). You will lead a small security team and you will be the engineer accountable when something goes wrong. This role exists because AI companies face a more interesting threat surface than most: prompt injection, training-data exfil, model jailbreaks, plus the usual application security. You will own the whole picture, and you will write enough code to defend the design choices you make.

02 — The work

What you will own

  • 01 Own the threat model and the security architecture document.
  • 02 Lead incident response — commander, on the page, in the postmortem.
  • 03 Run the secure-SDLC programme (code review, scanning, audits, training).
  • 04 Own GDPR + DPDPA 2023 technical compliance — the actual controls, not the policy PDFs.
  • 05 Run the bug bounty and responsible disclosure programme.
  • 06 Commission quarterly third-party penetration tests; own the remediation.

03 — The expertise

What we look for

  • 10+ years application + platform security
  • Cloud security (AWS / GCP / Vercel)
  • Cryptography fundamentals
  • Secure-SDLC programme experience
  • Familiarity with LLM-specific threats (prompt injection, jailbreaks, data exfil)
  • Strong written communicator

04 — The bar

Who thrives here

  • You have led security for an org of at least 50 engineers for 2+ years.
  • You have personally led the response to a Sev-1 security incident and written the postmortem.
  • You can describe two security controls you killed because they were theatre, and what you replaced them with.
  • You can read application code and find a real bug in it.
  • You have written or significantly contributed to a security policy that engineers actually read.

05 — How we work

The EduRankAI environment

Remote-first, async-first

Work from anywhere. We optimise for deep work, not face time. Periodic in-person off-sites for the full-time team.

High autonomy, high standards

We hire adults and trust them. You will be expected to set your own goals, communicate clearly, and ship.

Builders, not bureaucrats

We optimise for clarity over process. Make the call, ship the work, write up what you learned.

Bharat-built, globally ambitious

We are an Indian frontier AI lab. We build for India first and the world second — in that order.

06 — Hiring process

What to expect after you apply

  1. Application review

    Every application is read personally within five business days. We respond either way.

  2. Take-home or live exercise

    Role-specific. Time-boxed. Real problems we are actually working on, not invented puzzles.

  3. Conversations

    Deep technical and values conversations with the team you would join. No trick questions. No panel ambushes.

  4. Offer or honest no

    If yes: digital offer letter, signed in-portal, transparent terms. If no: written feedback if you want it.

Before you start

What we will collect. What it costs. What we will not do with it.

Application fee

CHF 100

Lead tier

We will collect

  • Name, email, phone — Account + application updates. No marketing.
  • Resume / portfolio link — Human review of your work.
  • Date + place of birth — Identity verification only.
  • Your written responses — Selection rubric. Read by humans.
  • Government ID (later) — Anti-fraud at offer / interview stage. Not at signup.

We will never

  • Sell your data
  • Share with third-party recruiters
  • Use for advertising
  • Train models on it
  • Send marketing email

Our situation

EduRankAI is a small, independent organization building long-term capabilities in educational intelligence, advanced AI systems, and research infrastructure. We take no advertiser money, no donations with strings attached, and no investor pressure on hiring decisions. The small per-application fee covers the real cost of processing your application — human review, identity verification, infrastructure, reviewer time. It buys us the right to be honest. Genuine financial hardship? Request a fee waiver inside the application — reviewed individually within 5 business days, with no record in your file and no second-class treatment of waiver-granted applications.


Ready to apply?

We read every application personally. If you are the right person for this role — regardless of pedigree, background, or where you are based — you will hear back from us within five business days.
