Sr. Security Engineer

Company Overview:At Snap Finance, we believe everyone deserves access to the things they need, regardless of credit history. Since 2012, we've used data, machine learning, and a more human approach to create flexible financing solutions that help people move forward. We're proud of our inclusive, supportive culture, built on empowering our customers, partners, and team members alike. When our people thrive, so does our innovation.If you're looking to make an impact and grow with a team that values you, come join us!Job DescriptionWe are looking for a Senior Security Engineer who will serve as the technical backbone of our Infrastructure Security Operations team. You will own the day-to-day security of our cloud environment — operating and evolving our security toolset, leading incident response, and driving vulnerability management across multi-region AWS infrastructure.You are not just an operator. You write code to automate what others do manually, you apply AI-native tooling to work faster and smarter, and you bring your peers along with you. You will set the technical standard for a small, growing InfraSecOps team and help build a culture of engineering excellence within the security organization.Alongside the operational work, you will own the health of the security program within your domain — tracking metrics, supporting compliance, and contributing to executive and board-level reporting. You are comfortable moving between a terminal window and a boardroom narrative, and you take pride in making both excellent.This role requires occasional after-hours availability for critical security incidents. You will report directly to the CISO.How you'll make an impact:Secure and Operate the Cloud EnvironmentOwn cloud security posture across multi-region AWS environments — continuously assess, harden, and improveOperate the full security toolset: CSPM, SIEM, vulnerability management, network security, ZTNA, DLP, EDR, and endpoint managementDrive the vulnerability management lifecycle end to end: scan cadence, prioritization, remediation SLAs, and reportingManage identity and access infrastructure in collaboration with IT, spanning MFA, IAM, IGA, privileged access, and credential managementLead the buildout of a Privileged Access Management (PAM) programSupport ongoing cloud migration security workstreamsMonitor threat intelligence and external attack surface signals; translate findings into prioritized actionLead and Respond to IncidentsServe as a primary responder for security incidents — triage, contain, eradicate, and recover with urgency and disciplineOwn incident response process maturity: playbook development, evidence chain of custody, forensic readiness, and post-incident reviewsBe available for occasional after-hours response when critical incidents ariseBuild, Automate, and Elevate the TeamSet the coding and AI standard for the InfraSecOps team — write tools, automate workflows, and actively mentor peers in modern security engineering practicesBuild and maintain automation for alert triage, compliance evidence collection, asset inventory, and security metricsDevelop API integrations between security tools to eliminate manual handoffs and improve data fidelityContribute to security-as-code practices: IaC security reviews, CI/CD pipeline hardening, and software supply chain controlsChampion AI-native tooling across the team; evaluate and implement AI-assisted detection, threat hunting, and response capabilitiesBuild and contribute to Agentic AI frameworks within the security programStay current on AI security risks — prompt injection, model abuse, shadow AI — and turn awareness into practical controlsOwn the Security Program Within Your DomainMaintain the security program roadmap and key results for your domain, including compliance attestation timelines and remediation SLA adherenceTrack and mature the security tool portfolio: monitor adoption, measure effectiveness, and drive continuous improvementMaintain risk registers and GRC platforms; ensure findings are triaged and resolved within SLACoordinate audit evidence collection for SOC 2 Type II, PCI DSS 4.0, and CyberEssentials+Contribute to executive and board-level security reporting — translate operational data into clear program narrativesDrive cross-functional follow-through with Engineering, IT, Data, and PMO on security workstreamsWhat you'll need to succeed: Required5+ years in security engineering, security operations, or a combined SecOps/program roleMust be authorized to work in the United States and be US-basedHands-on experience operating cloud security tooling in AWS environmentsProficiency in at least one scripting or programming language — Python strongly preferredExperience building dashboards, writing queries, and tuning alerts in a SIEM platformStrong working knowledge of vulnerability management and incident response lifecyclesExperience supporting compliance frameworks: SOC 2, PCI DSS, or equivalentDemonstrated use of AI and ML tooling in a professional security contextTrack record of mentoring or upskilling peers in technical disciplinesStrong written communication skills — equally effective writing for engineers and executivesComfortable with occasional after-hours availability for critical security incidentsWhat would make you stand out:Experience with GRC platforms: compliance automation, risk management, or audit evidence toolingExposure to IGA and PAM concepts and toolingSecurity certifications: CISSP, CISM, AWS Security Specialty, or GIAC (GCIH, GCED, or similar)Background in fintech, lending, or regulated financial servicesContributions to security tooling, open-source projects, or internal platform engineeringExperience with SOAR platforms or automated response workflowsWhy Join Us:Generous paid time offCompetitive medical, dental & vision coverage401K with company match for USCompany-paid life insuranceCompany-paid short-term and long-term disabilityAccess to mental health and wellness resourcesCompany-paid volunteer time to do good in your communityLegal coverage and other supplemental optionsA value-based culture where growth opportunities are endlessMore:Snap values diversity and all qualified applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Learn more by visiting our website at www.snapfinance.com.California Residents, please review our California Consumer Privacy Act Notice at https://snapfinance.com/ccpa-notice