Senior Security Infrastructure Engineer (Fintech)

TL;DR

Senior Security Infrastructure Engineer (Fintech): Strengthening hirify.global’s security posture across cloud infrastructure, applications, and developer workflows with an accent on vulnerability management, detection engineering, and supply chain security. Focus on improving efficiency, visibility, and resilience across the organization through hands-on security operations and building new security capabilities.

Location: Remote

Salary: $5,000 - $9,500 per month (Gross in USD)

Company

hirify.global is revolutionizing the shopping experience beyond payments with interest-free installment plans.

What you will do

• Lead and operate vulnerability management across infrastructure, platforms, and applications.
• Build, operate, and mature SIEM/XDR capabilities, including log ingestion, detection rule development, and alert tuning.
• Investigate and respond to security incidents across cloud infrastructure and applications, performing root cause analysis.
• Design and implement detection strategies for suspicious activity using application and database telemetry.
• Drive infrastructure and CI/CD hardening initiatives, focusing on reducing software and container supply chain risk.
• Develop and implement automation (including AI where appropriate) to improve efficiency in security operations, detection, and response.

Requirements

• 6+ years of experience in security, software, or infrastructure engineering, with hands-on experience securing cloud-based production systems.
• Experience contributing to threat modeling and security design reviews for modern systems.
• Strong hands-on experience in vulnerability management, including scanning, triage, validation, remediation coordination, and verification.
• Experience working with SIEM platforms (e.g., Wazuh, Splunk, ELK) for detection engineering, monitoring, and incident response.
• Strong knowledge of AWS, Linux, and Kubernetes infrastructure, including security architecture, hardening, and operational best practices.
• Working knowledge of compliance frameworks such as PCI DSS and SOC 2.

Nice to have

• Experience designing and tuning detection rules, reducing alert noise, and improving investigation workflows.
• Strong understanding of cloud-native security controls, including IAM, network segmentation, and container security.
• Familiarity with log-based detection, telemetry pipelines, and security analytics use cases.
• Experience designing secure CI/CD workflows that reduce exposure to vulnerable dependencies and untrusted artifacts.
• Experience aligning technical security work with regulatory and compliance expectations.

Culture & Benefits

• Be part of a team of brilliant engineers, passionate data enthusiasts, and out-of-the-box thinkers.
• Work in a culture that values unique and purpose-driven individuals.
• Enjoy a work environment that is more than just perks, but a visible example living in every employee.
• Contribute to a company focused on using open source and building before buying.
• Balance strong security standards with business needs and support privacy and compliance requirements in a practical, scalable way.
• Use automation and emerging technologies (including AI) to automate repetitive security work and improve team effectiveness.