Snap Finance
Overview
Company: Snap Finance Location: New York, United States (remote options not specified) Be among the first applicants and explore AI-powered insights on this job. About the Company
At Snap Finance, we believe everyone deserves access to the things they need, regardless of credit history. Since 2012, we've used data, machine learning, and a human approach to create flexible financing solutions that help people move forward. We're proud of our inclusive, supportive culture, built on empowering our customers, partners, and team members alike. When our people thrive, so does our innovation. If you're looking to make an impact and grow with a team that values you, come join us! Job Description
This position is responsible for the overall development, implementation and maintenance of the security systems and building security during the development life cycle. The individual will work closely with all levels of the organization to ensure the maximum level of security consistent with organizational risk, information access requirements, and business strategies. A security specialist is expected to stay up-to-date on the latest intelligence, including attackers' methodologies, to anticipate security breaches. They are also responsible for preventing data loss and service interruptions by researching new technologies that will effectively protect the integrity, confidentiality, and availability of the data and systems. How you'll make an impact
Embed security into the software development lifecycle (SSDLC), from design to deployment. Perform automated and manual vulnerability assessments across cloud, endpoint, and network assets. Develop and maintain security automation pipelines for detection, remediation, and configuration compliance. Monitor security tools and telemetry to detect real-time threats and anomalies across AWS, GCP, and Azure. Partner with development and infrastructure teams to secure CI/CD pipelines, containerized workloads, and serverless functions. Harden infrastructure components (WAF, CDN, firewalls, proxies, IDPS) and validate their configurations continuously. Collaborate with security program managers and compliance teams to support regulatory initiatives (e.g., PCI-DSS, GLBA, SOC 2). Participate in incident response and post-mortem analysis, including containment, eradication, and lessons learned. Evaluate new tools and emerging threats to drive a culture of continuous security improvement. Provide training and guidance to internal teams on secure development, phishing awareness, and threat modeling. What you'll need to succeed
Bachelor's degree in Computer Science, Cybersecurity, or equivalent hands-on experience. 3+ years in a security engineering or cybersecurity role, ideally in a fintech or regulated industry. Proficiency with multi-cloud security best practices (AWS, GCP, Azure). Experience with security tooling (e.g., Snyk, Tenable, Burp, AWS GuardDuty, GCP SCC, etc.). Fluency in networking concepts (TCP/IP, DNS, HTTPS, OSI model). Understanding of OWASP Top 10, secure coding, and web app/API security. Knowledge of cryptographic protocols and data protection strategies. Familiarity with IaC security (e.g., Terraform, CloudFormation) and DevSecOps pipelines. Advanced English skills with strong written and verbal communication. Desirable qualifications
Hands-on experience in incident response, purple teaming, or threat hunting. Knowledge of SIEMs, SOAR platforms, and detection-as-code practices. Certifications: CISSP, OSCP, GCP Security Engineer, AWS Security Specialty, or equivalent. Exposure to compliance frameworks (SOC 2, GLBA, PCI-DSS) and how security engineering enables control coverage. Experience running or supporting Security Programs Experience collaborating across time zones and globally distributed teams. Why join us
Generous paid time off Competitive medical, dental & vision coverage 401K with company match Company-paid life insurance Company-paid short-term and long-term disability Access to mental health and wellness resources Company-paid volunteer time to do good in your community Legal coverage and other supplemental options A values-based culture with growth opportunities Additional information
Snap values diversity and all qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Learn more by visiting our website at www.snapfinance.com. California Residents, please review our California Consumer Privacy Act Notice at https://snapfinance.com/ccpa-notice #J-18808-Ljbffr
Company: Snap Finance Location: New York, United States (remote options not specified) Be among the first applicants and explore AI-powered insights on this job. About the Company
At Snap Finance, we believe everyone deserves access to the things they need, regardless of credit history. Since 2012, we've used data, machine learning, and a human approach to create flexible financing solutions that help people move forward. We're proud of our inclusive, supportive culture, built on empowering our customers, partners, and team members alike. When our people thrive, so does our innovation. If you're looking to make an impact and grow with a team that values you, come join us! Job Description
This position is responsible for the overall development, implementation and maintenance of the security systems and building security during the development life cycle. The individual will work closely with all levels of the organization to ensure the maximum level of security consistent with organizational risk, information access requirements, and business strategies. A security specialist is expected to stay up-to-date on the latest intelligence, including attackers' methodologies, to anticipate security breaches. They are also responsible for preventing data loss and service interruptions by researching new technologies that will effectively protect the integrity, confidentiality, and availability of the data and systems. How you'll make an impact
Embed security into the software development lifecycle (SSDLC), from design to deployment. Perform automated and manual vulnerability assessments across cloud, endpoint, and network assets. Develop and maintain security automation pipelines for detection, remediation, and configuration compliance. Monitor security tools and telemetry to detect real-time threats and anomalies across AWS, GCP, and Azure. Partner with development and infrastructure teams to secure CI/CD pipelines, containerized workloads, and serverless functions. Harden infrastructure components (WAF, CDN, firewalls, proxies, IDPS) and validate their configurations continuously. Collaborate with security program managers and compliance teams to support regulatory initiatives (e.g., PCI-DSS, GLBA, SOC 2). Participate in incident response and post-mortem analysis, including containment, eradication, and lessons learned. Evaluate new tools and emerging threats to drive a culture of continuous security improvement. Provide training and guidance to internal teams on secure development, phishing awareness, and threat modeling. What you'll need to succeed
Bachelor's degree in Computer Science, Cybersecurity, or equivalent hands-on experience. 3+ years in a security engineering or cybersecurity role, ideally in a fintech or regulated industry. Proficiency with multi-cloud security best practices (AWS, GCP, Azure). Experience with security tooling (e.g., Snyk, Tenable, Burp, AWS GuardDuty, GCP SCC, etc.). Fluency in networking concepts (TCP/IP, DNS, HTTPS, OSI model). Understanding of OWASP Top 10, secure coding, and web app/API security. Knowledge of cryptographic protocols and data protection strategies. Familiarity with IaC security (e.g., Terraform, CloudFormation) and DevSecOps pipelines. Advanced English skills with strong written and verbal communication. Desirable qualifications
Hands-on experience in incident response, purple teaming, or threat hunting. Knowledge of SIEMs, SOAR platforms, and detection-as-code practices. Certifications: CISSP, OSCP, GCP Security Engineer, AWS Security Specialty, or equivalent. Exposure to compliance frameworks (SOC 2, GLBA, PCI-DSS) and how security engineering enables control coverage. Experience running or supporting Security Programs Experience collaborating across time zones and globally distributed teams. Why join us
Generous paid time off Competitive medical, dental & vision coverage 401K with company match Company-paid life insurance Company-paid short-term and long-term disability Access to mental health and wellness resources Company-paid volunteer time to do good in your community Legal coverage and other supplemental options A values-based culture with growth opportunities Additional information
Snap values diversity and all qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Learn more by visiting our website at www.snapfinance.com. California Residents, please review our California Consumer Privacy Act Notice at https://snapfinance.com/ccpa-notice #J-18808-Ljbffr