Senior Information Security Engineer

Role Summary

The Senior Information Security Engineer is responsible for owning application security across all Self products. This role plays a critical part in protecting customer data, ensuring compliance with SOC 2 and PCI requirements, and partnering closely with engineering teams to identify, prioritize, and remediate security risks throughout the software development lifecycle.

What you will do:

• Own end-to-end application security for all Self products
• Conduct and manage vulnerability scanning, triage, and remediation tracking using security tools (e.g., SAST)
• Partner closely with engineering and product teams to remediate critical security findings
• Lead and perform third-party vendor security reviews and risk assessments
• Support SOC 2 and PCI compliance efforts, including audit preparation and evidence collection
• Identify application-level security risks and recommend mitigation strategies
• Help embed secure-by-design practices into product development processes
• Monitor emerging application security threats and recommend appropriate controls

Who you are:

• Strong experience in application security, product security, or software security engineering
• Experience with application security scanning using GitLab SAST
• Hands-on experience with vulnerability management tools and remediation workflows
• Knowledge of secure software development practices and common application vulnerabilities
• Experience supporting or operating within SOC 2 and PCI compliance environments
• Ability to partner effectively with engineering teams to drive security outcomes
• Strong risk assessment, prioritization, and communication skills

Preferred Qualifications

• Experience performing third-party vendor security assessments
• Familiarity with cloud-native application architectures
• Prior experience in fintech, regulated industries, or environments handling sensitive customer data
• Security certifications (e.g., CISSP, CSSLP, GWAPT) or equivalent experience

Benefits and Perks:

We have the compensation and benefits you expect. But there's one thing that Self Financial can offer that many companies cannot: we can positively change the financial lives of our customers.