Senior Security Engineer

As a Senior Security Engineer at DailyPay, Inc, you will play a critical role in protecting the security and privacy of our customers' information and ensuring the overall security posture of our systems and infrastructure. You will work closely with cross-functional teams, including software engineers, system administrators, and risk/compliance professionals, to identify and mitigate security vulnerabilities and ensure compliance with regulatory standards. This role requires a deep understanding of information security principles, a strong technical background, and the ability to implement effective security controls in a fast-paced fintech environment.

If this opportunity excites you, we encourage you to apply even if you do not meet all of the qualifications.

• Security Infrastructure: Design, implement, and maintain security systems and infrastructure, including, access control systems, data loss prevention mechanisms, and secure network architecture.
• Vulnerability Management: Conduct regular security assessments, vulnerability scans, and penetration tests to identify weaknesses in the environment. Collaborate with teams to prioritize and remediate vulnerabilities in a timely manner.
• Incident Response: Continuously improve the incident response plan to address security incidents effectively. Investigate and respond to security incidents, including data breaches, malware outbreaks, and system compromises. Coordinate with internal teams and external stakeholders as necessary.
• Secure Software Development: Collaborate with software engineering teams to integrate secure coding practices throughout the software development lifecycle. Perform code reviews, identify security flaws, and provide recommendations for remediation.
• Security Monitoring and Threat Detection: Implement and maintain security monitoring tools and technologies to detect and respond to security threats in real-time. Monitor system logs, network traffic, and security alerts to identify and investigate potential security incidents.
• Compliance and Risk Management: Ensure compliance with industry regulations and standards, such as Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Regulation (GDPR), and other applicable laws. Assist with risk assessments, control implementation, and security audits.
• Security Documentation and Policies: Develop and maintain security policies, procedures, and standards. Create and update security documentation, including incident response plans, system architecture diagrams, and security guidelines.

• A bachelor's degree in computer science, information security, or a related field is typically required. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Ethical Hacker (CEH) are highly desirable.
• A minimum of 5 years of experience in information security, with a focus on secure system design, vulnerability management, incident response, and risk assessment. Experience in the fintech or banking industry is a plus.
• In-depth knowledge of security technologies and best practices, including firewalls,, secure coding practices, vulnerability assessment tools, and encryption methods. Familiarity with cloud security (e.g., AWS) and container security is highly beneficial.
• Proficiency in programming and scripting languages such as Python, Java, or PowerShell to automate security tasks, analyze logs, and develop security tools/scripts.
• Familiarity with security frameworks and standards such as NIST Cybersecurity Framework, ISO 27001, and SOC 2. Knowledge of regulatory compliance requirements, including PCI DSS and GDPR, is essential.
• Strong analytical thinking and problem-solving abilities to assess complex security issues, identify root causes, and propose effective solutions.
• Excellent communication skills, both written and verbal, to effectively convey security concepts to technical and non-technical stakeholders. Ability to collaborate with cross-functional teams.

• Exceptional health, vision, and dental care
• Life and AD&D, short- and long-term disability
• Employee Assistance Program
• Employee Resource Groups
• Fun company outings and events
• Unlimited PTO
• 401K with company match
• Opportunity for equity ownership