Security Assurance Engineer - FinTech

Top technology-driven prime brokerage and FinTech services firm is looking to hire an experienced Security Assurance Engineer to join it’s small and growing team in New York.We’re seeking a senior/principal individual contributor to define and validate security expectations across the firms production systems protecting both traditional-finance and digital-asset businesses. You will work closely with the firms Security Engineering Manager, translate the security vision into concrete, high-impact assurance deliverables and operate autonomously in building scalable standards, reviews, and oversight mechanisms across application, DevSecOps, cloud, and security operations domains while mentoring teammates.What we’re looking for:8+ years (Senior) or 12+ years (Principal) in security assurance, product security, or security engineering within fintech, exchanges, or large-scale web environments, with a record of owning complex projects end-to-end with minimal oversightBachelor or Master’s degree in Computer Science, Information Security, or related disciplineDeep expertise in one or more domains: application security, DevSecOps/software supply chain security, cloud security (AWS preferred), vulnerability management, or incident response/PSIRTProven track record delivering an end-to-end assurance lifecycle (standards → verification → findings → risk decisions → closure verification) and driving remediation outcomes through partner engineering teamsExperience maintaining code-to-cloud guardrails and tooling (CI/CD workflows, SAST, SCA, DAST, secrets scanning) and/or operating cloud security posture tooling (CSPM, CWPP, ASPM/CNAPP)Ability to read and assess code and infrastructure changes; ability to build lightweight automation in a modern language (preferably Python) to scale assurance (e.g., PR routing, detection-as-code)Experience conducting threat modeling for high-value, low-latency trading or custody systems and validating mitigations in productionExcellent written and verbal communication with the ability to frame technical risk, tradeoffs, and impact for engineers and non-engineersCompensation and benefits are highly competitive and contingent on experience.