Company hidden
1 day ago

Senior Application Security Engineer (Fintech)

180 000 - 215 000$
Work format
remote (USA only)
Employment type
fulltime
Grade
senior
English
b2
Country
US

Job description

TL;DR

Senior Application Security Engineer (Python/AI): Conducting application security reviews and managing vulnerabilities for a personal finance platform, with an emphasis on the Django/Python stack and AI security. Focus on applying AI security review processes for LLM-integrated features, building security automations, and mitigating prompt injection and data leakage risks.

Location: Remote (Applicants from almost anywhere are welcome)

Salary: $180K – $215K

Company

hirify.global is a powerful, all-in-one personal finance platform designed to simplify financial management for its members.

What you will do

  • Conduct application security reviews, threat modeling, and risk assessments for the Django/Python stack.
  • Manage SAST/DAST operations, including triage, validation, and remediation tracking in CI/CD pipelines.
  • Perform penetration testing and security assessments for web and API surfaces.
  • Develop and improve AI security processes for LLM-integrated and agentic product surfaces, covering prompt injection and model abuse.
  • Build security automations and AI-powered tooling to define requirements for AI workflows.
  • Participate in the weekly security on-call rotation.

Requirements

  • 5+ years in security engineering with depth in Application and AI security.
  • Proficiency in Python and strong knowledge of OWASP Top 10 and API security.
  • Hands-on experience with tools such as Semgrep, Burp Suite, or Nuclei.
  • Familiarity with AI/ML security risks, including prompt injection and LLM supply chain risk.
  • Transformative AI fluency, actively using AI tools to accelerate security work.

Nice to have

  • Experience in fintech or with financial data security requirements.
  • Familiarity with SOC 2, NIST CSF, or similar compliance frameworks.
  • Cloud security experience, particularly with AWS (IAM, ECS/EKS).
  • Relevant certifications like OSCP, BSCP, CSSLP, or CISSP.
  • Experience in detection engineering, incident response, or red teaming.

Culture & Benefits

  • Fully remote environment with no central office; work from wherever you are most productive.
  • Competitive cash and equity compensation in a hyper-growth company.
  • Stipend for setting up an ideal home working environment.
  • Comprehensive benefit plans (Medical, dental, vision, and 401k for US-based employees).
  • Unlimited PTO and a monthly "First Friday" day off for rest and recuperation.

Hiring process

  • Recruiter video call and Hiring Manager video call.
  • Take-home assignment.
  • Virtual "onsite" round consisting of 2–4 interviews.
  • Reference checks.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it; these are scammers. Be sure to click "Report" or write to support.