Principal Security Engineer (Fintech)
Job description
TL;DR
Principal Security Engineer (IAM/Fintech): Architecting the next generation of Identity systems to transition the enterprise from static governance to Continuous Adaptive Trust, with an emphasis on risk-based authorization and non-human workload security. Focus on engineering a scalable trust platform, implementing Just-in-Time (JIT) access workflows, and enforcing Zero Trust principles in a cloud-native environment.
Location: Must be based in the United States (Remote or Hybrid with hubs in Arizona, California, and Texas)
Company
is a leading digital personal finance fintech unicorn providing personalized financial solutions, including loans and debt resolution services.
What you will do
- Design and implement a Risk-Based Authorization model and transition the enterprise toward a Zero Trust architecture.
- Architect comprehensive Identity solutions covering user identities, machine identities (Kubernetes, Lambda, APIs), and Privileged Access Management (PAM).
- Integrate Identity systems across Azure AD, AWS, GCP, and Okta using SAML, OAuth, OpenID Connect, and SCIM.
- Develop "Just-in-Time" (JIT) access workflows to reduce the blast radius of potential compromises and eliminate persistent administrative overhead.
- Partner with the SOC to build ITDR capabilities for detecting and neutralizing identity-based attacks like session hijacking and MFA fatigue.
- Provide technical leadership and mentorship to Identity Engineers while delivering self-service Identity APIs and SDKs to improve DevEx.
Requirements
- Location: Must be based in the USA
- 8+ years in Cybersecurity/Engineering with a proven track record of implementing Zero Trust architectures.
- 5+ years of specialized experience in Identity and Access Management (IAM).
- Deep mastery of identity protocols: OIDC, OAuth 2.0, SAML, and SCIM, with a focus on mTLS and JWT security.
- Expert-level experience with cloud-native IAM (AWS, Azure Entra ID, GCP) and container orchestration via Kubernetes.
- Proficiency in Terraform and scripting languages such as Python or PowerShell for security automation.
Nice to have
- Master's degree in Computer Science or Cybersecurity.
- Industry certifications such as CISSP, CISM, or vendor-specific certifications (Okta, Microsoft Identity).
Culture & Benefits
- 401(k) with employer match.
- Comprehensive medical, dental, and vision insurance with HSA and FSA options.
- Competitive vacation and sick time, plus dedicated volunteer days.
- Mental and physical health wellness programs via the Employee Assistance Program.
- Inclusive environment with six employee resource groups and a commitment to diversity.