Security Engineer

Security Engineer — Job Description

As a Security Engineer, you will play a central role in shaping and scaling the company’s security posture as we expand into enterprise financial markets. Working closely with the infrastructure and engineering teams, you will design, build, and maintain security systems that safeguard our AI platform and the sensitive financial data it processes—all while enabling developers to move quickly and securely.

This position offers a rare opportunity to establish security practices at a fast-growing fintech organization handling highly sensitive financial information. You will own the security roadmap and build the foundations that allow our platform to scale as we bring AI-driven capabilities to financial institutions worldwide.

Responsibilities Establish Security Foundations

• Architect and implement security patterns across our infrastructure, creating secure-by-default frameworks for engineering teams.

• Develop and manage security controls within our AWS environment—including IAM, network segmentation, encryption, logging, and monitoring.

• Build infrastructure-as-code (CDK, SST, Pulumi) with integrated guardrails that make secure development the easiest path for developers.

• Implement solutions for secrets management, encryption, authentication, and authorization to protect sensitive financial data.

Support Compliance and Enterprise Growth

• Lead compliance initiatives such as CCPA, GDPR, and ISO 27001, building upon the existing SOC 2 Type II foundation.

• Automate evidence collection and maintain continuous compliance through infrastructure-as-code practices.

• Conduct security assessments of cloud resources and resolve deviations from CIS Benchmarks and internal policies.

• Collaborate with sales and customer success teams to address enterprise security requirements and complete security questionnaires.

Threat Detection & Incident Response

• Deploy and tune cloud-native detection and monitoring using AWS GuardDuty, Security Hub, and custom detection logic.

• Monitor systems for credential misuse, unauthorized access, anomalous behavior, and other security threats.

• Participate in the security on-call rotation and lead incident response efforts when needed.

• Build automated monitoring and alerting systems tailored to financial-services threat landscapes.

Secure Development & AI Workloads

• Work with engineering teams to embed security into development lifecycles and CI/CD pipelines.

• Implement supply-chain security practices including artifact signing, secret scanning, and dependency monitoring.

• Develop security controls specifically designed for AI/ML infrastructure and sensitive data pipelines.

• Apply defense-in-depth principles across cloud environments and internal systems.

Scale Security Across the Organization

• Promote a culture of security awareness by educating employees on security best practices.

• Create documentation, runbooks, and training materials for security processes and tools.

• Mentor developers on secure architecture and software design principles.

• Identify inefficiencies in security processes and eliminate them through automation and tooling.

Required Qualifications

• 5+ years of experience in security engineering, cloud security, infrastructure security, or a related discipline.

• Strong hands-on expertise securing AWS environments (IAM, VPC design, encryption, and native security services).

• Proficiency with infrastructure-as-code tools, especially AWS CDK.

• Experience with scripting and automation using Python, Go, Bash, or similar languages.

• Understanding of modern attack techniques and cloud-focused adversarial tactics.

• Familiarity with compliance frameworks such as SOC 2, ISO 27001, GDPR, or comparable standards.

Preferred Qualifications

• Experience securing financial-services applications or working with sensitive financial data.

• Background in securing AI/ML platforms and data pipelines.

• Knowledge of security controls for SaaS platforms and identity providers (Okta, Google Workspace, etc.).

• Experience with SIEM tools, detection engineering, and threat monitoring.

• Understanding of zero trust principles and implementation strategies.

• Strong communication skills for explaining security concepts to both technical and non-technical audiences.

• Experience building security programs at early-stage or scaling companies.

• Contributions to the security community (open source, writing, speaking, etc.).