SDE II - SaaS Platform, Security & Compliance

Wati is the world's leading WhatsApp-first conversational growth platform, empowering businesses to build deeper customer relationships and accelerate revenue growth.

Trusted and loved by over 20,000 customers across 190+ countries, Wati has established itself as the premier choice for businesses leveraging WhatsApp and other messaging channels to connect with customers on their platform of choice.

In a world where real-time interactions drive growth, Wati's story is all about business growth through conversations. At Wati, we believe that every conversation matters, whether it's engaging a first-time prospect, nurturing a qualified lead, or deepening relationships with loyal clients. We transform these conversations into opportunities for building relationships, and strong relationships lead to increased revenue.

Our Platform
The AI-native platform simplifies complex business operations by bringing all customer interactions under one intelligent roof. Designed for scalability and ease of use, our solution delivers a measurable ROI while adapting to businesses of all sizes, from emerging startups to established enterprises.

Our Backing & Partnerships
Wati is proudly backed by world-class investors including Tiger Global, Sequoia Capital, DST Global, and Shopify. As a Premium-tier Partner of Meta, Google, and WhatsApp, we maintain the highest standards of integration and platform excellence.

Requirements

Role overview

We are looking for a Software Development Engineer II (SDE II) to join our team, responsible for building and operating security and compliance capabilities that protect our multi‑tenant cloud product and its customers.
You will design secure platform services, automate controls, and embed compliance into our SaaS architecture so that security and privacy are enabled by default for all tenants.

Key responsibilities

• Design, build, and operate secure platform services for authentication, authorization, tenant isolation, audit logging, and configuration management in our SaaS environment.
  Implement and continuously improve security controls for our cloud infrastructure (e.g. AWS/GCP/Azure), including IAM, network segmentation, encryption, key management, and secrets management.
• Develop automation and guardrails that help product teams securely build and deploy SaaS features (e.g. security checks in CI/CD, policy‑as‑code, dependency and container scanning).
• Translate security, privacy, and compliance requirements (e.g. SOC 2, ISO 27001, GDPR) into concrete engineering work for the platform and help generate audit‑ready evidence.
• Collaborate with security, SRE, and data teams to ensure strong tenant isolation, data protection, backup/restore, and secure data residency for the SaaS platform.
• Build or integrate monitoring, alerting, and dashboards that provide visibility into security posture, access patterns, and control effectiveness across all tenants.
• Participate in design reviews, threat modeling, and code reviews for platform components; champion secure‑by‑design patterns for SaaS features.
• Support incident response for platform‑level security issues, contributing to root‑cause analysis and long‑term remediation.
  

Basic qualifications

• 3–5 years of professional software development experience, including experience working on cloud‑hosted or SaaS products.
• Strong coding skills in one or more of our primary languages (e.g. TypeScript/Node.js, Java, Go, C# or Python) and experience building backend or platform services.
• Hands‑on experience with at least one major cloud provider (AWS, GCP, or Azure), plus infrastructure‑as‑code (e.g. Terraform, CloudFormation, CDK, or similar).
• Solid understanding of security fundamentals: identity and access management, encryption, web/API security, multi‑factor authentication, and network security basics.
• Experience working with CI/CD pipelines and integrating automated tests or checks into deployment workflows.
  

Preferred qualifications

• Experience on a platform, security, or SRE team securing a multi‑tenant SaaS product.
• Familiarity with security and compliance frameworks relevant to SaaS (e.g. SOC 2, ISO 27001, GDPR, HIPAA) and how they translate into technical controls.
• Experience implementing or operating logging, monitoring, SIEM, or SSPM tooling for SaaS environments.
• Knowledge of container and Kubernetes security, including image scanning, runtime controls, and secure configuration baselines.
• Experience with policy‑as‑code (e.g. OPA), zero‑trust concepts, and securing internal developer platforms.
  

Behavioural expectations

• Ownership of platform outcomes, comfortable working across teams (product, security, SRE, compliance) to drive secure solutions end‑to‑end.
• Clear communication of security and compliance constraints to engineers and non‑technical stakeholders, with a focus on enabling safe delivery rather than blocking.
• Pragmatic, data‑driven approach to prioritizing security work in a fast‑moving SaaS environment.