Security Engineer
Indexed description
If you're looking to make an impact and grow with a team that values you, come join us!
Job Description
We’re looking for a Security Engineer to serve as a key technical expert on our Infrastructure Security Operations team. This role owns the day-to-day security of our multi-region AWS environment, including security tooling, incident response, vulnerability management, and automation.
You’ll write code to eliminate manual work, leverage AI-native tools to improve efficiency, and help raise the technical bar across a growing team. In addition to operational ownership, you’ll support security metrics, compliance, and executive/board reporting.
This role requires occasional after-hours support for critical security incidents and reports directly to the CISO.
How you’ll make an impact:
Secure and Operate the Cloud Environment
- Own cloud security posture across multi-region AWS environments — continuously assess, harden, and improve
- Operate the full security toolset: CSPM, SIEM, vulnerability management, network security, ZTNA, DLP, EDR, and endpoint management
- Drive the vulnerability management lifecycle end to end: scan cadence, prioritization, remediation SLAs, and reporting
- Manage identity and access infrastructure in collaboration with IT, spanning MFA, IAM, IGA, privileged access, and credential management
- Lead the buildout of a Privileged Access Management (PAM) program
- Support ongoing cloud migration security workstreams
- Monitor threat intelligence and external attack surface signals; translate findings into prioritized action
- Serve as a primary responder for security incidents — triage, contain, eradicate, and recover with urgency and discipline
- Own incident response process maturity: playbook development, evidence chain of custody, forensic readiness, and post-incident reviews
- Be available for occasional after-hours response when critical incidents arise
- Set the coding and AI standard for the InfraSecOps team — write tools, automate workflows, and actively mentor peers in modern security engineering practices
- Build and maintain automation for alert triage, compliance evidence collection, asset inventory, and security metrics
- Develop API integrations between security tools to eliminate manual handoffs and improve data fidelity
- Contribute to security-as-code practices: IaC security reviews, CI/CD pipeline hardening, and software supply chain controls
- Champion AI-native tooling across the team; evaluate and implement AI-assisted detection, threat hunting, and response capabilities
- Build and contribute to Agentic AI frameworks within the security program
- Stay current on AI security risks — prompt injection, model abuse, shadow AI — and turn awareness into practical controls
- Maintain the security program roadmap and key results for your domain, including compliance attestation timelines and remediation SLA adherence
- Track and mature the security tool portfolio: monitor adoption, measure effectiveness, and drive continuous improvement
- Maintain risk registers and GRC platforms; ensure findings are triaged and resolved within SLA
- Coordinate audit evidence collection for SOC 2 Type II, PCI DSS 4.0, and CyberEssentials+
- Contribute to executive and board-level security reporting — translate operational data into clear program narratives
- Drive cross-functional follow-through with Engineering, IT, Data, and PMO on security workstreams
- 5+ years in security engineering, security operations, or a combined SecOps/program role
- Must be authorized to work in the United States and be US-based
- Hands-on experience operating cloud security tooling in AWS environments
- Proficiency in at least one scripting or programming language — Python strongly preferred
- Experience building dashboards, writing queries, and tuning alerts in a SIEM platform
- Strong working knowledge of vulnerability management and incident response lifecycles
- Experience supporting compliance frameworks: SOC 2, PCI DSS, or equivalent
- Demonstrated use of AI and ML tooling in a professional security context
- Track record of mentoring or upskilling peers in technical disciplines
- Strong written communication skills — equally effective writing for engineers and executives
- Comfortable with occasional after-hours availability for critical security incidents
- Experience with GRC platforms: compliance automation, risk management, or audit evidence tooling
- Exposure to IGA and PAM concepts and tooling
- Security certifications: CISSP, CISM, AWS Security Specialty, or GIAC (GCIH, GCED, or similar)
- Background in fintech, lending, or regulated financial services
- Contributions to security tooling, open-source projects, or internal platform engineering
- Experience with SOAR platforms or automated response workflows
- Generous paid time off
- Competitive medical, dental & vision coverage
- 401K with company match for US
- Company-paid life insurance
- Company-paid short-term and long-term disability
- Access to mental health and wellness resources
- Company-paid volunteer time to do good in your community
- Legal coverage and other supplemental options
- A value-based culture where growth opportunities are endless
California Residents, please review our California Consumer Privacy Act Notice at https://snapfinance.com/ccpa-notice
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search