Security Engineer

The Role

As a Security Engineer, you will be responsible for security across the full lifecycle of our fintech platform. This hybrid specialist role requires deep engagement with both infrastructure and application security, focusing heavily on automation and regulatory compliance within a high-stakes, regulated environment. Day-to-day:

• CI/CD Security Integration: Design, build, and maintain automation to integrate security testing (SAST/DAST/SCA) directly into our deployment pipelines. You'll ensure that security is a "paved road" for developers, not a bottleneck. - Full-Stack Security: Own security across the lifecycle—from securing our cloud infrastructure (AWS/GCP) to performing code reviews and architectural risk assessments. - Vulnerability Management: Manage our detection stack using modern vulnerability scanning and dependency management tools to identify, prioritize, and track risks across the environment. - Security Automation: Build and maintain automated workflows for vulnerability reporting, triage, and remediation. We want someone who leverages AI-powered agentic coding tools or similar automation to eliminate manual toil and accelerate response times. - Compliance Engineering: Monitor our technical security controls to ensure that they are operating effectively throughout the year to meet the rigorous cybersecurity compliance requirements to support regulatory exams as well as SOC-2 and PCI audits. - Serve as a key member of our security response team, helping to investigate and mitigate potential threats.