Company hidden
1 day ago

Senior Application Security Engineer (Fintech)

170 000 - 220 000$
Work format: hybrid
Employment type: fulltime
Grade: senior
English: b2
Country: US

Job description

TL;DR

Senior Application Security Engineer (Fintech): Design and implement security best practices within applications and microservices, with an emphasis on threat modeling, secure architecture, and vulnerability remediation. Focus on integrating SAST/DAST into CI/CD, conducting penetration tests, and embedding shift-left security practices to protect payments infrastructure.

Hybrid: 2–3 days per week on-site at New York City, San Francisco, or Seattle offices (as required by manager).

Compensation: $170K - $220K

Company

hirify.global reimagines co-branded credit cards and financial products, partnering with brands like Crate & Barrel and Booking.com to launch modern credit programs powered by advanced payments infrastructure and intelligent underwriting.

What you’ll do

  • Conduct threat modeling using MITRE ATT&CK to identify risks and mitigations early in development.
  • Perform security architecture reviews and code reviews to enforce secure design and OWASP Top 10 practices.
  • Integrate SAST/DAST into CI/CD pipelines and analyze reports for remediation.
  • Coordinate penetration tests on critical applications and document sustainable fixes.
  • Advise on encryption, key management, and secure coding training for engineering teams.
  • Investigate security incidents, refine incident response playbooks, and align with PCI DSS/SOC 2 compliance.

Requirements

  • 5+ years in cybersecurity focused on Application Security.
  • Hands-on coding experience with modern stacks (microservices, REST APIs, containers).
  • Proficiency in SAST/DAST tools, threat modeling, cryptography, and cloud security (AWS, GCP, Azure).
  • Excellent communication and collaboration in fast-paced cross-functional teams.

Nice to have

  • Certifications (CISSP, CSSLP, OSCP, CEH).
  • Experience with PCI DSS, SOC 2, ISO 27001.
  • Exposure to fintech/payments environments.

Culture & Benefits

  • Competitive compensation and equity packages.
  • Fully covered high-quality healthcare including dependents, One Medical access, and FSA option.
  • Flexible paid time off and 20 weeks paid parental leave for primary caregiver (8 weeks for all parents).
  • Leading configured work computers and access to industry-leading technology.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it: these are scammers. Be sure to click "Report" or write to support.