Lead Product Security Engineer (Fintech)

TL;DR

Lead Product Security Engineer (Fintech): Defining and evaluating cybersecurity solutions to improve the firm's overall cybersecurity risk posture with an accent on balancing commercial objectives with robust security controls. Focus on fostering a proactive approach to risk management through early design review and penetration testing, enabling secure technological innovation.

Location: Onsite in Dallas, Texas, United States

Company

hirify.global is a leading global investment banking, securities, and investment management firm.

What you will do

• Collaborate closely with Product Management, Engineering, Program Management, and DevOps teams.
• Ensure the security of applications (Cloud/Web/API/Mobile) managed by Asset and Wealth Management.
• Act as a security advisor to architects, developers, and analysts to design confidentiality, integrity, resiliency, and privacy into platforms.
• Evaluate existing key controls, identify gaps, and recommend improvements to mitigate risks.
• Supervise, coach, and develop a small team of application security specialists.
• Drive adoption of embedded application security controls within the Software Development Life Cycle (SDLC) in Agile methodology.

Requirements

• 6+ years' experience in secure architecture design, application security, and risk analysis techniques.
• Ability to manage multiple tasks, use sound judgment for risks, prioritizing, and escalating.
• Capable of working with deeply technical engineers, identifying gaps, and holding them accountable.
• Understanding of common application security vulnerabilities, controls, and security testing methodologies.
• Expert knowledge of application security best practices including OWASP and CWE, and cloud-related concepts.
• English: B2 required

Nice to have

• Experience in Financial Services/Fintech.
• BS or MS degree in Computer Science, Cyber Security, Information Security, or a related technical field.
• Experience leveraging AI/ML to solve security problems and scale operations.
• Knowledge of secure coding languages such as Python, Java, or Go.
• Relevant certifications like CSSLP, CISSP, CCSP, or OSCP.

Culture & Benefits

• Committed to fostering and advancing diversity and inclusion in the workplace.
• Opportunities for professional and personal growth through training and firmwide networks.
• Access to benefits, wellness, personal finance offerings, and mindfulness programs.
• Offers best-in-class benefits.