Security Engineer

Company Overview

At Snap Finance, we believe everyone deserves access to the things they need, regardless of credit history. Since 2012, we have used data, machine learning, and a more human approach to create flexible financing solutions that help people move forward. Our inclusive and supportive culture empowers customers, partners, and team members alike, and we value growth and innovation.

• Secure and operate the cloud environment across multi‑region AWS, continuously assessing, hardening, and improving security posture.
• Operate the full security toolset, including CSPM, SIEM, vulnerability management, network security, ZTNA, DLP, EDR, and endpoint management.
• Drive the vulnerability management lifecycle end‑to‑end: scan cadence, prioritization, remediation SLAs, and reporting.
• Manage identity and access infrastructure in collaboration with IT, covering MFA, IAM, IGA, privileged access, and credential management.
• Lead the buildout of a Privileged Access Management (PAM) program.
• Support ongoing cloud migration security work streams.
• Monitor threat intelligence and external attack surface signals, translating findings into prioritized action.
• Lead and respond to incidents: triage, contain, eradicate, and recover with urgency and discipline; develop playbooks, evidence chain of custody, forensic readiness, and post‑incident reviews.
• Own the incident response process maturity, including playbook development and evidence management.
• Build, automate, and elevate the team: set coding and AI standards, write tools, automate workflows, mentor peers, and develop automation for alert triage, compliance evidence collection, asset inventory, and security metrics.
• Develop API integrations between security tools to eliminate manual handoffs and improve data fidelity.
• Contribute to security‑as‑code practices, IaC security reviews, CI/CD pipeline hardening, and software supply chain controls.
• Champion AI‑native tooling across the team, evaluating and implementing AI‑assisted detection, threat hunting, and response capabilities, and build or contribute to agentic AI frameworks.
• Own the security program within your domain: maintain roadmap, compliance attestation timelines, remediation SLA adherence, track and mature the tool portfolio, maintain risk registers and GRC platforms, coordinate audit evidence for SOC 2 Type II, PCI DSS 4.0, and Cyber Essentials+, and contribute to executive and board‑level reporting.
• Drive cross‑functional follow‑through with Engineering, IT, Data, and PMO on security work streams.
• Be available for occasional after‑hours response when critical incidents arise.

• 5+ years in security engineering, security operations, or a combined Sec Ops/program role.
• Must be authorized to work in the United States and be U.S. based.
• Hands‑on experience operating cloud security tooling in AWS environments.
• Proficiency in at least one scripting or programming language;
  Python strongly preferred.
• Experience building dashboards, writing queries, and tuning alerts in a SIEM platform.
• Strong working knowledge of vulnerability management and incident response life cycles.
• Experience supporting compliance frameworks: SOC2, PCIDSS, or equivalent.
• Demonstrated use of AI and ML tooling in a professional security context.
• Track record of mentoring or upskilling peers in technical disciplines.
• Strong written communication skills, effectively writing for engineers and executives.
• Comfortable with occasional after‑hours availability for critical security incidents.

• Experience with GRC platforms: compliance automation, risk management, or audit evidence tooling.
• Exposure to IGA and PAM concepts and tooling.
• Security certifications: CISSP, CISM, AWS Security Specialty, or GIAC (GCIH, GCED, or similar).
• Background in fintech, lending, or regulated financial services.
• Contributions to security tooling, open‑source projects, or internal platform engineering.
• Experience with SOAR platforms or automated response workflows.

• Generous paid time off.
• Competitive medical, dental, and vision coverage.
• 401K with company match for U.S. employees.
• Company‑paid life insurance.
• Company‑paid short‑term and long‑term disability.
• Access to mental health and wellness resources.
• Company‑paid volunteer time to give back to the community.
• Legal coverage and other supplemental options.
• A value‑based culture with endless growth opportunities.

Snap values diversity and all qualified applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

California residents, please review our California Consumer Privacy Act Notice at