Security Architect - Remote

Life at MX

We are driven by our moral imperative to advance mankind - and it all starts with our people, product and purpose. We always carry a deep sense of drive and passion with us. If you thrive in a challenging work environment, surrounded by incredible team members who will help you grow, MX is the right place for you.

Come build with us and be part of an award-winning company that's helping create meaningful and lasting change in the financial industry.

Job Purpose

The Security Architect champions secure development and application security practices throughout the organization. Working with the Engineering and Product teams, the Security Architect ensures that applications are developed using secure patterns and reviews changes to existing applications. As a key member of the Information Security department, the Security Architect works to help build a comprehensive suite of security capabilities, controls, and standards. In a nutshell: building security and automation into the DevOps and engineering processes. If you prefer buzzwords: 'DevSecOps'.

What you'll get to do

• Architect security systems and models to help secure MX's platform and products, both in the cloud and on-prem/colo
• Build the MX Security Architecture review program and processes
• Automate application security tooling by building it into the CI/CD processes
• Ensure that software is developed securely with resilient architectures and patterns
• Partner with the Platform and DevOps teams to implement appropriate security architecture, tooling and automation for Kubernetes
• Establish appropriate security checkpoints in the SDLC to ensure that secure code practices are being followed
• Understand and track the current threat landscape for products and software that we develop and create controls accordingly
• Function as the subject matter expert on application security architecture
• Assess fraud vectors in applications and partner with the appropriate team to address and resolve related issues

You'll do it using your

• Solid understanding of automation tooling; primarily CI/CD pipelines and containers)
• Solid understanding of computer security principles and development processes
• Deep Understanding of software dependencies, related vulnerabilities and secure use of software repositories and open source software
• Knowledge of financial industry regulations and standards is a plus
• Knowledge of secure coding principles and ability to partner with developers
• Experience with common cloud platforms such as GCP, AWS or Azure and Infrastructure as Code tooling, such as terraform or CloudFormation