Senior Security Engineer; US, Remote

Senior Security Engineer (Remote – US)

Compensation: $170K–$300K base + equity
Type: Full-time
Location: Remote (US)

We’re partnering with a fast-growing, AI-driven fintech company transforming how a massive, legacy industry operates. Their platform is modernizing outdated systems and automating complex workflows that have historically been slow, manual, and expensive.

This is a high-impact opportunity to join a lean, product-focused team tackling real-world problems at scale, with billions in transaction volume already flowing through the platform.

They’re hiring a Senior Security Engineer to build and scale security as a product enabler—not a blocker.

This is a hands-on IC role with broad ownership across:

• Application security
• Cloud / infrastructure security
• Compliance (SOC
  2)
• Security tooling & automation

You’ll be writing code, shipping tooling, and embedding security into the development lifecycle—making it easy for engineers to build securely by default.

• Lead security initiatives across application, infrastructure, and identity
• Conduct threat modeling, vulnerability assessments, and remediation
• Build and integrate security tooling (SAST, DAST, container scanning, secrets detection)
• Harden AWS environments (IAM, VPCs, logging, Guard Duty, KMS, etc.)
• Own and evolve SOC 2 Type II compliance
• Establish a secure SDLC with lightweight, scalable processes
• Partner closely with engineering to improve security without slowing delivery
• Lead or support incident response and postmortems
• Manage identity/access systems (SSO, MFA, SCIM, access reviews)
• Oversee vendor and third-party security risk

• Cloud: AWS (IAM, VPC, Guard Duty, Security Hub, etc.)
• Infra: Terraform, Pulumi, Docker, ECS (EC2/Fargate)
• Backend: Node.js / Type Script (monorepo)
• Frontend: React + GraphQL
• Data: Postgre
  
  SQL, Redis, Kafka, Open Search
• Observability: Datadog, Cloud Watch, Sentry
• CI/CD: Buildkite

• Strong application security background (OWASP, threat modeling, secure code review)
• Deep AWS security experience
• Experience with Terraform and/or Pulumi
• Hands‑on SOC 2 experience (controls, audits, evidence)
• CI/CD security integration experience
• Background in fintech or regulated environments preferred
• Experience with identity systems (SSO, SAML, MFA, SCIM)
• Ability to build tooling/automation (Python, Bash, etc.)
• Strong communicator who can work closely with engineering teams

• Security is treated as a core product function
  , not compliance overhead
• High ownership and autonomy
• Real scale and real impact (handling sensitive financial data)
• Remote‑first, strong engineering culture
• Opportunity to shape security from the ground up