TL;DR
Senior Manager, Application Security (Fintech): Leading and maturing the Application Security program across Ruby and Go environments, integrating secure development practices into CI/CD pipelines. Focus on overseeing application security reviews, threat modeling, and optimizing SAST/SCA tooling to provide actionable insights for Engineering leadership.
Location: Remote (USA only)
Salary: $200,000 - $230,000
Company
hirify.global is an innovative payment technology company on a mission to simplify payments, building the PayXM™ platform to manage the entire payment experience for non-commerce businesses across consumer lending, iGaming, property management, and tolling.
What you will do
- Lead and mentor the Application Security team, including hiring and performance management, defining and executing the Application Security roadmap.
- Partner closely with Engineering, Product, QA, Infrastructure, and DevOps leadership to embed security early in the SDLC.
- Oversee security design reviews and code security reviews across Go-based microservices and Ruby-based monolith applications.
- Provide technical guidance on secure architecture decisions in a cloud-first (AWS) environment and continuously improve the organization’s threat modeling framework.
- Ensure SAST and SCA tooling is integrated into CI/CD and appropriately tuned to reduce false positives, driving meaningful reporting dashboards.
- Establish and operationalize a risk-based vulnerability prioritization framework, acting as a trusted advisor to Engineering leadership to influence architectural decisions.
Requirements
- 8+ years of experience in Application Security or Secure Software Engineering.
- 3+ years leading or managing technical security teams.
- Strong hands-on experience with Ruby (Rails) and Go (Golang) application security.
- Deep knowledge of Secure SDLC practices, threat modeling methodologies (e.g., STRIDE, attack trees), SAST and SCA tools, and OWASP Top 10 and API Security Top 10.
- Experience integrating security tools into CI/CD pipelines.
- Familiarity with cloud-native application security in AWS environments and a strong understanding of microservices security patterns.
Nice to have
- Experience in fintech, payments, or other regulated environments.
- Knowledge of PCI DSS and SOC 2 security expectations.
- Experience with container security and Kubernetes-based deployments.
- Experience building security metrics and executive-level reporting.
Culture & Benefits
- Competitive salary and benefits with growth-company options grant, including standard startup vesting (1 year cliff; 4 years total).
- $50 monthly communication expense stipend and $250 stipend to enhance your WFH setup.
- Reimbursement for peripheral equipment: monitor (up to $400), keyboard and mouse (up to $200).
- Premium medical benefits including vision and dental (100% coverage for employees).
- Company-sponsored life and disability insurance, paid parental bonding leave, paid sick leave, jury duty, and bereavement.
- 401k plan, Flexible Time Off (~3-4 weeks per year), and Volunteer Time Off, plus 13 scheduled holidays.