Senior Security Engineer - FinTech Remote Position

About the Role

Flex is seeking a Senior Security Engineer to join our team remotely. In this role, you will support product security across our innovative FinTech platform, ensuring that security is integrated from design through deployment. You will be part of a lean, high-impact security team, collaborating directly with product and engineering teams to enhance our security posture.

What You'll Do

• Own product security reviews end-to-end, including threat modeling, security architecture review, and design consultation for new features and services.
• Lead security design reviews for Flex's payment processing, account management, and partner integration platforms.
• Drive the secure development lifecycle (SDLC) across engineering teams, implementing tools and processes to shift security left.
• Perform application security assessments, code reviews, and penetration testing for critical product surfaces.
• Respond to and investigate complex security incidents, leading post-incident analysis and remediation.
• Build security automation and tooling to scale product security reviews, including AI-assisted review tools and SAST/DAST pipeline integration.
• Translate complex security concepts for cross-functional stakeholders, driving security adoption across product and engineering.
• Contribute to security standards, frameworks, and architectural patterns that guide organization-wide practices.

Requirements

• 5+ years of experience in application security, product security, or security engineering.
• Proven experience with threat modeling frameworks (STRIDE, DREAD, attack trees) applied to real production systems.
• Strong application security skills: OWASP Top 10, API security, authentication/authorization design, and secure coding practices.
• Experience conducting security code reviews and penetration testing.
• Proficiency with cloud security in AWS environments.
• Strong understanding of compliance frameworks relevant to FinTech (SOC 2, PCI DSS, NYDFS).
• Excellent written and verbal communication skills, with the ability to translate security risk into business impact.

Nice to Have

• Experience in FinTech, payments, or financial services.
• Experience building or operating security automation tools (SAST/DAST, security review tooling).
• Relevant certifications (OSCP, GWAPT, CISSP, or equivalent).
• Experience with bug bounty program management.
• Familiarity with AI/ML security considerations (prompt injection, agent identity, credential isolation).

What We Offer

• Competitive medical, dental, and vision benefits.
• Company equity options.
• 401(k) plan with company match.
• Unlimited paid time off + 13 company paid holidays.
• Parental leave and Flex Cares Program.
• Free Flex subscription.

Join us as a Senior Security Engineer and help redefine the security landscape in the FinTech industry. This remote position offers a unique opportunity to make a significant impact in a growing company.