As a Senior Software Security Engineer, you will play a critical role in shaping and executing our application and infrastructure security posture, driving secure-by-design practices, threat modeling, and proactive risk mitigation within engineering. This is a hands-on role for someone passionate about building secure systems and influencing security culture across a fast-paced fintech startup.

Reporting to the Director, Application Security, you will work with software engineers and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC). Collaborate with development teams to understand their needs, assess risks, and customize solutions. Implement and manage security tools (SAST, SCA, DAST) and integrate solutions into CI/CD pipelines. Review applications against common flaws (e.g., OWASP Top 10) and provide visibility to senior management.

As an Application Security Engineer, you will perform application security testing on web applications, mobile applications, microservices, infrastructure code, and open source code in order to expose weaknesses. You will work closely with development teams and recommend steps for the remediation of identified vulnerabilities. You will educate development engineers on secure coding practices and contribute to overall application security awareness.