Security Engineer

We are seeking a Security Analyst / Engineer to join our Information Security team in a dynamic role that bridges technical security operations with product development and customer-facing initiatives. This position is critical in protecting our payment and purchase processing infrastructure while also working cross-functionally to embed security features that enhance the marketability of our solutions to customers. The ideal candidate combines hands-on security engineering skills with the ability to communicate security value propositions to both technical and business stakeholders.

Essential Functions:

Security Operations & Analysis

Monitor security events and alerts across enterprise infrastructure, payment processing systems, and corporate environments using SIEM platforms and security monitoring tools. Conduct security assessments and vulnerability analysis of infrastructure, applications, and payment processing systems. Perform threat hunting activities to identify potential security incidents and anomalous behaviors across the technology environment. Investigate and respond to security incidents, coordinating with IT Infrastructure Operations and development teams to contain and remediate threats. Maintain security documentation including incident reports, analysis findings, and remediation recommendations.

Security Engineering & Architecture

Design and implement security controls for payment processing infrastructure, API gateways, and transaction processing systems. Engineer security solutions including firewalls, intrusion detection/prevention systems, web application firewalls, and endpoint protection platforms. Develop and maintain security automation scripts and tools to improve detection, response, and operational efficiency. Support secure network architecture including segmentation between payment processing zones, development environments, and corporate networks. Implement identity and access management solutions, privileged access management, and multi-factor authentication across enterprise systems.

Compliance & Risk Management

Support compliance efforts including evidence collection, control testing, and remediation coordination for quarterly scans and annual assessments. Assist with audit preparation and ongoing compliance monitoring for security controls. Conduct security risk assessments for new technologies, system changes, and third-party integrations. Maintain security policies, standards, and procedures in alignment with regulatory requirements and industry best practices. Track and manage remediation of security findings from vulnerability scans, penetration tests, and compliance audits.

Cross-Functional Collaboration & Product Security

Partner with product management and engineering teams to integrate security features into payment processing solutions that can be marketed to customers. Collaborate with sales and business development teams to articulate security capabilities and compliance postures during customer evaluations. Work with development teams to conduct secure code reviews, threat modeling, and security testing of applications and APIs. Provide security guidance during the software development lifecycle, from design through deployment. Contribute to customer-facing security documentation including security white papers, compliance attestations, and technical security specifications.

Customer & Partner Engagement

Support customer security questionnaires and vendor security assessments with technical responses and documentation. Participate in customer security discussions and due diligence processes to demonstrate security capabilities. Assist in developing security features and controls that address common customer requirements and market differentiators. Help translate complex security concepts into business value propositions for customer-facing materials. Collaborate with customer success teams to address security-related inquiries and support implementation security requirements.

Continuous Improvement & Innovation

Stay current with emerging threats, vulnerabilities, and security technologies relevant to payment processing and fintech industries. Research and evaluate new security tools and technologies that could enhance both internal security posture and customer-facing security capabilities. Participate in security training and professional development to maintain technical skills and industry certifications. Contribute to security awareness initiatives and training programs for internal employees and development teams. Recommend security enhancements that improve both operational security and product marketability.

Qualifications:

Required Qualifications

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field, or equivalent practical experience
• 3-5 years of experience in information security, security operations, or security engineering roles
• Hands-on experience with security tools including SIEM platforms, vulnerability scanners, firewalls, IDS/IPS, and endpoint protection solutions
• Understanding of payment processing security requirements and PCI DSS standards
• Knowledge of network security principles, secure architecture design, and defense-in-depth strategies
• Experience with cloud security in Azure, or other cloud environments
• Proficiency in at least one scripting or programming language (Python, PowerShell, Bash, etc.)
• Strong analytical and problem-solving skills with attention to detail
• Excellent written and verbal communication skills with ability to convey technical concepts to non-technical audiences
• Ability to work collaboratively across technical and business teams
• Experience participating in security incident response and investigations

Preferred Qualifications

• Professional security certifications such as Security+, CEH, GIAC (GSEC, GCIH, GCIA), CISSP, or similar
• Experience with application security testing tools and methodologies (SAST, DAST, penetration testing)
• Knowledge of secure software development practices and DevSecOps principles
• Familiarity with regulatory frameworks beyond PCI DSS (SOC 2, ISO 27001, GDPR, etc.)
• Experience in fintech, payment processing, e-commerce, or financial services industries
• Understanding of API security, OAuth/OIDM, and modern authentication protocols
• Experience with security automation and orchestration platforms (SOAR)
• Background in both offensive and defensive security practices
• Contribution to security research, open-source security projects, or security community involvement
• Experience creating customer-facing security documentation or supporting sales engineering activities

Key Competencies

• Technical versatility: Comfortable working across infrastructure, application, and cloud security domains
• Business acumen: Ability to connect security controls to business value and customer requirements
• Collaboration: Skilled at building relationships and working effectively with diverse teams
• Communication: Capable of translating technical security concepts for various audiences
• Adaptability: Thrives in a fast-paced environment where priorities and technologies evolve
• Customer focus: Understands that security should enable business objectives and enhance customer confidence