Security Engineer

About The Position

Requirements

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field, or equivalent practical experience
• 3-5 years of experience in information security, security operations, or security engineering roles
• Hands-on experience with security tools including SIEM platforms, vulnerability scanners, firewalls, IDS/IPS, and endpoint protection solutions
• Understanding of payment processing security requirements and PCI DSS standards
• Knowledge of network security principles, secure architecture design, and defense-in-depth strategies
• Experience with cloud security in Azure, or other cloud environments
• Proficiency in at least one scripting or programming language (Python, PowerShell, Bash, etc.)
• Strong analytical and problem-solving skills with attention to detail
• Excellent written and verbal communication skills with ability to convey technical concepts to non-technical audiences
• Ability to work collaboratively across technical and business teams
• Experience participating in security incident response and investigations

Nice To Haves

• Professional security certifications such as Security+, CEH, GIAC (GSEC, GCIH, GCIA), CISSP, or similar
• Experience with application security testing tools and methodologies (SAST, DAST, penetration testing)
• Knowledge of secure software development practices and DevSecOps principles
• Familiarity with regulatory frameworks beyond PCI DSS (SOC 2, ISO 27001, GDPR, etc.)
• Experience in fintech, payment processing, e-commerce, or financial services industries
• Understanding of API security, OAuth/OIDM, and modern authentication protocols
• Experience with security automation and orchestration platforms (SOAR)
• Background in both offensive and defensive security practices
• Contribution to security research, open-source security projects, or security community involvement
• Experience creating customer-facing security documentation or supporting sales engineering activities
• Technical versatility: Comfortable working across infrastructure, application, and cloud security domains
• Business acumen: Ability to connect security controls to business value and customer requirements
• Collaboration: Skilled at building relationships and working effectively with diverse teams
• Communication: Capable of translating technical security concepts for various audiences
• Adaptability: Thrives in a fast-paced environment where priorities and technologies evolve
• Customer focus: Understands that security should enable business objectives and enhance customer confidence

Responsibilities

• Security Operations & Analysis Monitor security events and alerts across enterprise infrastructure, payment processing systems, and corporate environments using SIEM platforms and security monitoring tools.
• Conduct security assessments and vulnerability analysis of infrastructure, applications, and payment processing systems.
• Perform threat hunting activities to identify potential security incidents and anomalous behaviors across the technology environment.
• Investigate and respond to security incidents, coordinating with IT Infrastructure Operations and development teams to contain and remediate threats.
• Maintain security documentation including incident reports, analysis findings, and remediation recommendations.
• Security Engineering & Architecture Design and implement security controls for payment processing infrastructure, API gateways, and transaction processing systems.
• Engineer security solutions including firewalls, intrusion detection/prevention systems, web application firewalls, and endpoint protection platforms.
• Develop and maintain security automation scripts and tools to improve detection, response, and operational efficiency.
• Support secure network architecture including segmentation between payment processing zones, development environments, and corporate networks.
• Implement identity and access management solutions, privileged access management, and multi-factor authentication across enterprise systems.
• Compliance & Risk Management Support compliance efforts including evidence collection, control testing, and remediation coordination for quarterly scans and annual assessments.
• Assist with audit preparation and ongoing compliance monitoring for security controls.
• Conduct security risk assessments for new technologies, system changes, and third-party integrations.
• Maintain security policies, standards, and procedures in alignment with regulatory requirements and industry best practices.
• Track and manage remediation of security findings from vulnerability scans, penetration tests, and compliance audits.
• Cross-Functional Collaboration & Product Security Partner with product management and engineering teams to integrate security features into payment processing solutions that can be marketed to customers.
• Collaborate with sales and business development teams to articulate security capabilities and compliance postures during customer evaluations.
• Work with development teams to conduct secure code reviews, threat modeling, and security testing of applications and APIs.
• Provide security guidance during the software development lifecycle, from design through deployment.
• Contribute to customer-facing security documentation including security white papers, compliance attestations, and technical security specifications.
• Customer & Partner Engagement Support customer security questionnaires and vendor security assessments with technical responses and documentation.
• Participate in customer security discussions and due diligence processes to demonstrate security capabilities.
• Assist in developing security features and controls that address common customer requirements and market differentiators.
• Help translate complex security concepts into business value propositions for customer-facing materials.
• Collaborate with customer success teams to address security-related inquiries and support implementation security requirements.
• Continuous Improvement & Innovation Stay current with emerging threats, vulnerabilities, and security technologies relevant to payment processing and fintech industries.
• Research and evaluate new security tools and technologies that could enhance both internal security posture and customer-facing security capabilities.
• Participate in security training and professional development to maintain technical skills and industry certifications.
• Contribute to security awareness initiatives and training programs for internal employees and development teams.
• Recommend security enhancements that improve both operational security and product marketability.