Senior Security Engineer (Fintech)

TL;DR

Senior Security Engineer (Fintech): Own product security reviews end-to-end including threat modeling, security architecture review, and design consultation for payment processing and partner integration platforms with an accent on secure development lifecycle and compliance. Focus on performing application security assessments, penetration testing, incident response, and building security automation tooling.

Location: Remote (U.S.)

Company

hirify.global is a growth-stage, NYC-headquartered FinTech company creating the best rent payment experience, enabling users to pay rent hirify.globalibly throughout the month.

What you will do

• Own end-to-end product security reviews: threat modeling, architecture review, and design consultation for new features
• Lead security design reviews for payment processing, account management, and partner integrations
• Drive secure development lifecycle across teams through tooling, processes, and education
• Conduct application security assessments, code reviews, and penetration testing
• Respond to security incidents, lead post-incident analysis, and remediation
• Build security automation and tooling, including AI-assisted reviews and SAST/DAST integration
• Translate security concepts for stakeholders and contribute to organization-wide standards

Requirements

• 5+ years in application security, product security, or security engineering
• Experience with threat modeling (STRIDE, DREAD, attack trees) in production systems
• Strong appsec skills: OWASP Top 10, API security, auth/authz, secure coding
• Security code reviews and penetration testing experience
• Proficiency with AWS cloud security
• Knowledge of fintech compliance: SOC 2, PCI DSS, NYDFS
• Ability to own projects independently and communicate risks effectively

Nice to have

• Fintech, payments, or financial services experience
• Building/operating security automation (SAST/DAST)
• Security Champions program experience
• Certifications (OSCP, GWAPT, CISSP)
• Bug bounty program management
• AI/ML security considerations

Culture & Benefits

• Distributed async-first team with employees across US, Australia, Canada, South America
• Small high-impact 4-person security team supporting 100+ engineers
• AI-forward culture with shipped AI-powered security tools
• Competitive US benefits: medical/dental/vision, 401(k) match, unlimited PTO + holidays, parental leave, equity
• Non-US: competitive comp + equity, unlimited PTO
• Market-based pay by location tier (NYC/SF Tier A, etc.)