×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Senior Information Security Engineer

Job in Lehi, Utah County, Utah, 84043, USA
Listing for: MX
Full Time position
Listed on 2026-02-21
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly USD 100000.00 125000.00 YEAR
Job Description & How to Apply Below

MX is a fintech company on a mission to empower the world to be financially strong. We build technology that helps banks, credit unions, and fintechs deliver smarter, more intuitive financial experiences to millions of people.

Like many startups, we’ve navigated real growth challenges — and we’ve come out stronger on the other side. Today, MX is in a phase of renewed momentum and scale, with a solid foundation and a clear vision for what’s next. This is a place where thoughtful execution matters, innovation is encouraged, and individuals have real ownership over their work.

Our culture values curiosity, accountability, and impact. We give people the space to question assumptions, design better solutions, and help shape how the company grows. If you’re looking to do meaningful work, influence outcomes, and grow alongside a company that’s ready to move fast, you’ll feel at home at MX.

Role Overview

The Senior Security Engineer is a senior individual contributor role focused on being the primary hands‑on builder, technical lead, and implementer of MX’s security program. This position is designed for a self‑starting technical lead with deep execution expertise in ubiquitous shift‑left security, application protection, and automated risk reduction. In addition to the focus on shift‑left security, this role will have Web Application and API Protection (WAAP) and Network Security focuses to drive widespread adoption of secure practices across engineering teams.

Reporting directly to the Director of Security Architecture and Engineering, and working closely with Cloud & Product Security Architecture to execute defined designs, the Senior Security Engineer leads the deployment, automation, and maturation of security controls y serve as the go‑to technical expert for implementation, troubleshoot complex issues, mentor engineers organization‑wide, and champion best practices to embed security deeply into infrastructure, platforms, and application workflows.

This role influences Cloud Engineering, Dev Ops, Platform, Application Development, and Security Operations teams to operationalize secure‑by‑design principles while maintaining alignment with compliance and risk requirements.

Responsibilities

Application & API Security

  • Serve as the primary hands‑on builder for Fastly Next‑Gen WAF (Signal Sciences) across all production environments to mitigate web‑based attacks with low false positives.
  • Lead the deployment and tuning of Cequence Unified API Protection for API discovery, behavioral abuse detection, and real‑time runtime enforcement.
  • Standardize API security patterns across the organization, ensuring deep visibility into shadow APIs and automated blocking of malicious traffic.
  • Partner with application teams to integrate threat modeling and security requirements into the design phase of new features.
  • Detect & prevent credential‑stuffing attacks ensuring Security Engineering is First‑To‑Know (FTK).

Enterprise CI/CD Security & Shift‑Left Enforcement

  • Implement and mature policy‑as‑code frameworks (OPA/Rego or equivalents) tied to organizational guardrails.
  • Enforce strict CI/CD quality gates that block critical and high‑severity vulnerabilities from reaching production using SAST/SCA tools like Snyk, Semgrep, or CodeQL.
  • Drive integration of security scanning tools (IaC, containers, secrets, dependencies, SBOM) into CI/CD pipelines and evangelize shift‑left practices to development teams.
  • Train and enable engineers to build securely from the start, reducing misconfigurations at the source.

Web App & API Protection (WAF & Firewall with IPS/IDS)

  • Deploy and manage AWS Network Firewall & Suricata IPS/IDS rules (or similar e.g. PAN) as code through Terraform to protect ingress, egress, and east‑west traffic.
  • Implement and maintain advanced network security controls, including VPC Service Controls and hierarchical policies.
  • Develop and tune detection rules for Network Security Services, partnering with SIEM owner; support threat hunting and incident investigations.
  • Implement and enforce security controls for Kubernetes clusters (EKS, GKE, or self‑managed), including cluster hardening, admission controls, and network policies.
  • Driv…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search