Security Engineer
About the role
This is a full-time, on-site Security Engineer role based in Los Angeles, CA. The Security Engineer will design, implement, and maintain security controls across SmartFinanceNerd’s infrastructure, applications, and data to protect user privacy and financial information. Responsibilities include conducting security assessments and threat modeling, reviewing code and architecture for vulnerabilities, and implementing secure authentication, authorization, and encryption practices. The role involves monitoring security events, responding to incidents, collaborating with engineering teams to embed security into the SDLC, and maintaining policies that align with industry standards and regulations. The Security Engineer will also support security audits, help drive security awareness across the organization, and continuously improve defenses against emerging threats.
What we're looking for
- Strong foundation in Security Engineering and Information Security, including secure system design and risk management.
- Hands-on experience with Application Security, such as secure coding practices, code review, and application vulnerability testing.
- Knowledge of Network Security, including firewalls, VPNs, IDS/IPS, and secure network architecture.
- Broad understanding of Cybersecurity principles, threat landscapes, incident response, and security monitoring.
- Experience with cloud security (e.g., AWS, GCP, or Azure), identity and access management, and data protection techniques.
- Familiarity with security standards and frameworks (e.g., OWASP, NIST, ISO 27001) and compliance requirements relevant to financial or consumer data.
- Proficiency with security tools (e.g., vulnerability scanners, SIEM, endpoint protection) and scripting or automation (e.g., Python, Bash) for security tasks.
- Ability to communicate complex security concepts clearly to technical and non-technical stakeholders and collaborate effectively with cross-functional teams.
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience; relevant certifications (e.g., CISSP, OSCP, CEH) are a plus.
Learn about SmartFinanceNerd
Explore the product, mission, and editorial work before you apply.