Senior Information Security Engineer

Payabli•Miami, FL

5d•Remote

About The Position

Payabli’s mission is to enable any software company to become a payments company through its payment infrastructure and monetization platform. With Payabli, software companies can make payments a core part of their business model to drive revenue, enhance customer lifetime value, and boost enterprise value. Our co-founders are serial entrepreneurs who have built and scaled successful technology companies like RevoPay (acquired), Seamless.com (IPO), and ServiceTitan. We are backed by top venture capital investors Fika Ventures, Bling Capital, and TTV Capital. About the role: The Senior Information Security Engineer will serve as the technical lead for implementing and managing security tooling, including SIEM, vulnerability management, DLP, and endpoint protection solutions. This individual will operationalize the roadmap developed in Phase 1 and ensure security tools are configured according to policy and compliance requirements.

Requirements

5–8 years of hands-on experience in information security engineering, cloud security, or infrastructure security within SaaS, fintech, or regulated environments.
Strong understanding of AWS IAM, CloudTrail, Security Hub, and SIEM deployment.
Familiarity with SOC 2, PCI DSS, ISO 27001 and NIST frameworks.
Experience in scripting, automation, and DevSecOps practices.
Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).

Nice To Haves

Relevant certifications such as CISSP, CISM, GSEC, AWS Certified Security – Specialty, or CompTIA Security+ are a plus.

Responsibilities

Lead technical remediation of security platforms such as SIEM, Tenable, Wiz, or SentinelOne.
Conduct continuous configuration and security posture audits across AWS, SaaS, and endpoints.
Manage integrations between systems (AWS, Drata, Wiz, Google Workspace, GitHub) to enable centralized visibility.
Develop and maintain detection logic, response automation, and alerting workflows.
Collaborate with IT and engineering to embed security into CI/CD and cloud architecture.
Support evidence collection and validation for SOC 2, PCI DSS, and customer security reviews.
Support data protection initiatives including encryption, data classification, and data loss prevention strategy development.
Mentor junior engineers and contribute to ongoing security training, awareness, and culture-building efforts across the organization.
Stay current on emerging threats, technologies, and regulatory requirements to proactively improve Payabli’s security posture.
Create and maintain playbooks and runbooks for incident response, ensuring consistent and repeatable handling of security events.
Partner with IT and Compliance to automate evidence collection, reporting, and control validation for internal and external audits.
Conduct regular vulnerability assessments and remediation validation to ensure compliance with defined SLAs and regulatory frameworks (SOC 2, PCI DSS, NIST 800-53).
Collaborate closely with DevOps and engineering teams to embed security controls into application design, deployment, and cloud infrastructure provisioning.
Lead investigations into security incidents, including root cause analysis, remediation coordination, and post-incident reviews.
Manage IAM and access control policies across cloud and SaaS environments to enforce least-privilege principles.