Currently we're investigating a bug where the answers are not recorded properly. If you encounter this bug, please email us at rfqjobs@gmail.com.
Information Security Engineer
(more about Peak6 Investment)

Information Security Engineer

WHO WE ARE

Apex Fintech Solutions (AFS) powers innovation and the future of digital wealth management by processing millions of transactions daily, to simplify, automate, and facilitate access to financial markets for all. Our robust suite of fintech solutions enables us to support clients such as Stash, Betterment, SoFi, and Webull, and more than 20 million of our clients' customers. 

Collectively, AFS creates an environment in which companies with the biggest ideas in fintech are empowered to change the world. We are based in Dallas, TX and also have offices in Austin, New York, Chicago, Portland, Belfast, and Manila.

If you are seeking a fast-paced and entrepreneurial environment where you'll have the opportunity to make an immediate impact, and you have the guts to change everything, this is the place for you. 

AFS has received a number of prestigious industry awards, including:

  • 2021, 2020, 2019, and 2018 Best Wealth Management Company - presented by Fintech Breakthrough Awards

  • 2021 Most Innovative Companies - presented by Fast Company

  • 2021 Best API & Best Trading Technology - presented by Global Fintech Awards

ABOUT THIS ROLE

The Information Security Engineer role will help champion the Application Security, Cloud Security and Cybersecurity programs as an SME in security controls, applying best practices to our security standards, liaison between cross-functional teams (Product, Engineering, SRE, IT), shared services, and infrastructure. The role responsibilities will consist of secure code review, security configuration and development, automation workflows, DevSecOps, vulnerability remediation, secure infrastructure design, threat analysis, and deploying secure defenses. 

 

What you’ll do all day:

 

  • Act as a subject matter expert for security tools deployed such as but not limited to; threat detection, cloud security, application security, IAM, source code, and security logging technologies. 

  • Monitor cloud and data center infrastructure and proactively mitigate potential incidents and vulnerabilities. 

  • Investigate security events, alerts and incidents and participate in incident response workflows and processes. 

  • Provide guidance to our engineering and development teams on security standards and secure best practices. 

  • Conduct assessments of security controls and penetration tests for new and existing systems. 

  • Create and maintain documentation and architecture diagrams. 

  • Determine new or revised security measures and countermeasures for current security challenges and threat landscape 

  • Independently architect, implement, deploy, and deliver solutions for various security technologies. 

  • Document and publish new security architectural standards and design guidelines. 

  • Provide technical expertise, team member mentoring and advice as it relates to security engineering. 

  • Assume product ownership, roadmap planning and sprint planning using agile and kanban frameworks. 

  • Ensure compliance with the latest regulations, standards, and laws related to information security and data confidentiality. 

  • Develop automation to improve security detection, scanning and remediation using custom scripts and “as-code” methods. 

  • Recommend new security technologies, processes and policies to reduce application and technology risk. 

  • Participate in security audits and assessments to provide evidence, interpret security controls and design technology solutions to maintain security certifications and frameworks. 

 

 

The skills you’ll need to succeed:

  • 3+ years of experience in security engineering or 5+ years in security analyst, IT, computer engineering experience 

  • BS/BA (or equivalent) in computer engineering, computer science, information technology, cybersecurity, software programming, etc. 

  • Desired Security Certifications: (CompTIA, AWS/GCP/Azure, GIAC, ISC2, EC-Council) 

  • Experience with scripting and programming languages, including integration with APIs, such as Python, Perl, PowerShell, Bash, Java, Javascript, and Go. 

  • Experience in managing and monitoring a security architecture and ecosystem. 

  • Knowledge in Application, Cloud, and Infrastructure security. 

  • Skilled in DevSecOps practices and source control management tools such as GitHub, Bitbucket etc.  

  • Engineering/operational support of cloud configuration in AWS, Azure, or Google Cloud 

  • Experience with cloud native platforms such as workloads, images, Kubernetes, serverless, cloud databases, load balancers, web application firewalls, etc. 

  • Experience building deployment pipelines, e.g., GitHub Actions. 

  • Skilled in implementing Infrastructure or Policy as Code (Terraform, OPA) 

  • Strong understanding of cloud service delivery models: containers, storage, and networks; virtual infrastructure management  

  • Familiarity with multiple security, vulnerability and threat frameworks such as NIST CSF, SOC2, ISO 27001, OWASP, EPSS, MITRE, CVSS, etc. 

  • Financial Services or other highly regulated Industries experience preferred 

  • Excellent analytical and problem-solving skills. 

  • Strong documentation and project management skills. 

  • Team oriented individual who can work on any size team. 

  • Ability to independently learn and work on multiple subjects and projects with minimal supervision and guidance. 

  • Solve problems to independently and consistently handle production/business problems to successful resolution. 

#engineering #mid-senior #full-time #LI-SD1 #APEX

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Our Rewards

We offer a robust package of employee perks and benefits, including healthcare benefits (medical, dental and vision, EAP), competitive PTO, 401k match, parental leave, and HSA contribution match. We also provide our employees with a paid subscription to the Calm app and offer generous external learning and tuition reimbursement benefits. At AFS, we offer a hybrid work schedule for most roles that allows employees to have the flexibility of working from home and one of our primary offices.

EEO Statement

Apex Fintech Solutions is an equal opportunity employer that does not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, age, disability, veteran status, marital status, or any other protected characteristic. Our hiring practices ensure that all qualified applicants receive fair consideration without regard to these characteristics.

Disability Statement

Apex Fintech Solutions is committed to creating an inclusive and accessible workplace for all candidates, including those with disabilities. We are dedicated to ensuring equal employment opportunities and providing reasonable accommodations to qualified individuals with disabilities. If you require reasonable accommodations to participate in the application or interview process, please submit your request via the Candidate Accommodation Requests Form. We will work with you to provide the necessary accommodations to ensure your full participation in our hiring process.