Member of Technical Staff, Security Operations (Fintech)

TL;DR

Member of Technical Staff, Security Operations (Fintech): Developing and maintaining security automation, vulnerability management, and infrastructure guardrails for a regulated crypto platform with an accent on application security, cloud hardening, and infrastructure integrity. Focus on scaling security testing, automating incident response, and driving remediation efforts in a high-compliance financial environment.

Location: Remote (US), with optional office presence in New York City, Sioux Falls, Porto, Lisbon, or Singapore.

Company

hirify.global is a regulated crypto platform offering integrated financial services and infrastructure solutions through the first federally chartered crypto bank in the US.

What you will do

• Build and maintain security automation to detect vulnerabilities across code and live production environments.
• Conduct application security assessments, penetration tests, and code reviews to improve system security.
• Manage the full vulnerability lifecycle from discovery through remediation, partnering with engineering teams.
• Develop and test security guardrails for cloud infrastructure and platform components.
• Monitor for security anomalies, investigate incidents, and coordinate containment efforts.
• Produce assurance artifacts and evidence to support audit and regulatory compliance requirements.

Requirements

• 3+ years of experience in security engineering, AppSec, or security operations.
• Proven experience building security tools or automation using Python, Go, or similar languages.
• Strong understanding of AWS security fundamentals including IAM, VPCs, and logging.
• Proficiency in vulnerability assessment and static/dynamic analysis tools like Semgrep, CodeQL, or Burp Suite.
• Ability to perform root cause analysis and coordinate incident response efforts.
• Must be based in the United States.

Nice to have

• Experience in regulated financial services, fintech, or crypto environments.
• Knowledge of blockchain security, smart contract auditing, or Web3 technologies.
• Participation in bug bounty programs like HackerOne or Bugcrowd.
• Relevant certifications such as OSCP, GWAPT, GCIH, or AWS Security Specialty.

Culture & Benefits

• Remote-friendly work environment with global collaboration.
• Sponsorship of quarterly in-person collaboration days for distributed team members.
• Opportunities to work on cutting-edge financial infrastructure and regulated systems.
• Collaborative team culture emphasizing knowledge sharing and technical growth.
• Focus on operational excellence and high-impact security outcomes.