About GoKwik
GoKwik is a growth operating system designed to power D2C and eCommerce brands from checkout optimisation and reducing return-to-origin (RTO), to payments, retention, and post-purchase engagement. Today, GoKwik enables over 12,000 merchants worldwide, processes around $2 billion in GMV, and is strengthening its AI-powered infrastructure.
Backed by RTP Global, Z47, Peak XV, and Think Investments and bolstered by a $13 million growth round in June 2025 (total funding: $68 million), GoKwik is scaling aggressively across India and the UK.
Why This Role Matters
At GoKwik, security isn’t a bolt-on, it’s a core part of how we build, ship, and scale. As a Senior DevSecOps Engineer, you’ll ensure every layer of our infrastructure and development lifecycle is secure, compliant, and resilient. You’ll work end-to-end with engineering teams, from design and deployment to operations and optimisation, embedding security guardrails into CI/CD pipelines, automating IAM and compliance checks, and reducing human error to near zero. You’ll also shape a culture where security is a shared responsibility, not a last-minute review, while staying battle-ready to lead incident response and drive blameless learning. In short, you’ll own the frameworks and practices that let GoKwik grow fast without ever compromising trust, directly protecting $2B+ GMV and thousands of merchants who rely on us every day.
What You'll Own
- Build secure CI/CD pipelines by embedding vulnerability scanning, SAST, and DAST, ensuring every release ships fast and safe
- Partner with engineering and security teams to design cloud-native architectures that are secure by default and resilient at scale
- Automate the boring stuff, from secrets management and IAM policy enforcement to compliance validation checks, cutting down human error and accelerating delivery
- Integrate best-in-class security tools (Vault, Prisma, Aqua, Trivy, etc.) into every layer of our infrastructure
- Take the lead during security incidents, coordinating response across teams and ensuring issues are remediated quickly and effectively
- Drive a proactive DevSecOps culture by running training, awareness programs, and blameless postmortems that turn incidents into learnings
- Own compliance readiness (SOC2, ISO 27001, PCI-DSS), working closely with governance and legal to keep us always audit-prepared without slowing down engineering
Who You Are
- 3 - 7 years of hands-on experience in DevSecOps or Cloud Security Engineering within fast-scaling SaaS or eCommerce environments
- Strong grasp of AppSec and Cloud Security fundamentals, from IAM, WAF, and KMS to CSPM best practices
- Practical experience with Kubernetes security (RBAC, PodSecurity, NetworkPolicies) and keeping clusters production-hardened
- Comfortable with threat modelling, incident response, and security compliance frameworks (ISO, SOC2, PCI-DSS)
- Solid coding/scripting skills (Python, Go, Bash, etc.) to automate controls and eliminate repetitive manual work
- Someone who doesn’t just know the theory but has battle-tested experience in securing systems at scale
How You'll Thrive at GoKwik
- You embed security into velocity, helping teams move fast without cutting corners
- You believe in a blameless, learning-first culture, where issues are fixed, not hidden
- You take uptime and compliance seriously, 99.99999% is the bar, and you love building guardrails that make it possible
- You stay proactive, spotting and solving risks before they become incidents
- You thrive in a high-trust environment, where ownership is real and security is an enabler, not a blocker
Why GoKwik ?
At GoKwik, we aren’t just building tools, we’re rewriting the playbook for eCommerce in India.
We exist to solve some of the most complex challenges faced by digital-first brands: low conversion rates, high RTO, and poor post-purchase experience. Our checkout and conversion stack powers 500+ leading D2C brands and marketplaces and we’re just getting started.
