TL;DR
Offensive Security Engineer (Fintech): You will own the offensive security strategy on the cloud platform, ensuring financial platforms and customer data are resilient against sophisticated attacks, with an emphasis on critical logic flaws and security loopholes. The role focuses on integrating security into CI/CD pipelines and fostering a “security first” culture within the development lifecycle.
Company
hirify.global has unified payments, payouts and fintech on one worldwide platform.
What you will do
- Plan and execute comprehensive manual and automated penetration tests on web applications and APIs using web pentesting tools.
- Orchestrate the end-to-end vulnerability lifecycle using security scanners and vulnerability analyzers and manage external bug bounty programs.
- Integrate security seamlessly into CI/CD pipelines by continuously implementing and overseeing SAST/DAST processes.
- Monitor and harden the cloud platform in the AWS environment using native AWS security tools.
- Act as a technical advisor to engineering teams, providing clear guidance on fixing security flaws and fostering a “security first” culture.
Requirements
- 5+ years of experience in cybersecurity with a heavy focus on Penetration Testing, Application Security, or Cloud Security, preferably within the Fintech or banking sector.
- Deep proficiency with Burp Suite for Pentesting, WIZ for cloud visibility, and experience configuring SAST/DAST tools.
- Strong hands-on knowledge of AWS services and security controls is essential.
- Linux proficiency is a must.
- Practical experience securing CI/CD pipelines using GitLab or Jenkins.
- English and Spanish: Bilingual.
Nice to have
- Holding one of the following certifications: OSCP, CEH Practical, EWPT, AWS Security Specialty, BSCP.
Culture & Benefits
- Belief in straight talk, quick decisions, strong execution and elegant solutions.
- Opportunities are limitless.
- Hard work pays off and careers take off.