Sr. Manager, Application Security (Fintech)

TL;DR

Sr. Manager, Application Security (Fintech): Leading and maturing the Application Security program across Ruby-based monolith and Go microservices environments with an accent on building, scaling, and operationalizing secure development practices. Focus on overseeing security reviews, threat modeling, secure code practices, and optimizing SAST/SCA tooling in a fast-moving fintech environment.

Location: Remote (USA)

Salary: $200,000–$230,000

Company

hirify.global is an industry-leading platform (PayXM™) transforming payments for non-commerce businesses in consumer lending, iGaming, property management, and tolling.

What you will do

• Lead and manage the Application Security team, including hiring, mentoring, and performance management.
• Define and execute the Application Security roadmap aligned with business priorities and regulatory obligations (e.g., PCI, SOC 2).
• Partner with Engineering, Product, QA, Infrastructure, and DevOps leadership to embed security early in the SDLC.
• Oversee security design reviews and code security reviews for Go-based microservices and Ruby-based monolith applications.
• Own and continuously improve the organization’s threat modeling framework and integrate it into new feature development.
• Ensure SAST and SCA tooling is integrated into CI/CD pipelines and tuned to reduce false positives.

Requirements

• 8+ years of experience in Application Security or Secure Software Engineering.
• 3+ years leading or managing technical security teams.
• Strong hands-on experience with Ruby (Rails) and Go (Golang) application security.
• Deep knowledge of Secure SDLC practices, threat modeling (STRIDE, attack trees), SAST/SCA tools, and OWASP Top 10/API Security Top 10.
• Experience integrating security tools into CI/CD pipelines and cloud-native application security in AWS environments.
• Strong understanding of microservices security patterns.

Nice to have

• Experience in fintech, payments, or other regulated environments.
• Knowledge of PCI DSS and SOC 2 security expectations.
• Experience with container security and Kubernetes-based deployments.
• Experience building security metrics and executive-level reporting.

Culture & Benefits

• Competitive salary and stock options with standard startup vesting (1-year cliff; 4 years total).
• $50 monthly communication expense stipend and $250 WFH setup stipend.
• Reimbursement for peripheral equipment (monitor up to $400, keyboard and mouse up to $200).
• Premium medical benefits including vision and dental (100% coverage for employees).
• Paid parental bonding leave, sick leave, jury duty, bereavement, and 13 scheduled holidays.
• 401k plan and Flexible Time Off (typically ~3-4 weeks per year), plus Volunteer Time Off.