WHO WE AREApex Fintech Solutions (AFS) powers innovation and the future of digital wealth management by processing millions of transactions daily, to simplify, automate, and facilitate access to financial markets for all. Our robust suite of fintech solutions enables us to support clients such as Stash, Betterment, SoFi, and Webull, and more than 20 million of our clients' customers. Collectively, AFS creates an environment in which companies with the biggest ideas in fintech are empowered to change the world. As a global organization, we have offices in Austin, Dallas, Chicago, New York, Portland, Belfast, and Manila.If you are seeking a fast-paced and entrepreneurial environment where you'll have the opportunity to make an immediate impact, and you have the guts to change everything, this is the place for you. AFS has received a number of prestigious industry awards, including:2021, 2020, 2019, and 2018 Best Wealth Management Company - presented by Fintech Breakthrough Awards2021 Most Innovative Companies - presented by Fast Company2021 Best API & Best Trading Technology - presented by Global Fintech AwardsABOUT THIS ROLEThe Information Security Engineer role will help champion the Application Security, Cloud Security and Cybersecurity programs as an SME in security controls, applying best practices to our security standards, liaison between cross-functional teams (Product, Engineering, SRE, IT), shared services, and infrastructure. The role responsibilities will consist of secure code review, security configuration and development, automation workflows, DevSecOps, vulnerability remediation, secure infrastructure design, threat analysis, and deploying secure defenses. This position can be based out of either of Apex's Dallas or Chicago offices.Duties/ResponsibilitiesAct as a subject matter expert for security tools deployed such as but not limited to; threat detection, cloud security, application security, IAM, source code, and security logging technologies. Monitor cloud and data center infrastructure and proactively mitigate potential incidents and vulnerabilities. Investigate security events, alerts and incidents and participate in incident response workflows and processes. Provide guidance to our engineering and development teams on security standards and secure best practices. Conduct assessments of security controls and penetration tests for new and existing systems. Create and maintain documentation and architecture diagrams. Determine new or revised security measures and countermeasures for current security challenges and threat landscape.Independently architect, implement, deploy, and deliver solutions for various security technologies. Document and publish new security architectural standards and design guidelines. Provide technical expertise, team member mentoring and advice as it relates to security engineering. Assume product ownership, roadmap planning and sprint planning using agile and kanban frameworks. Ensure compliance with the latest regulations, standards, and laws related to information security and data confidentiality. Develop automation to improve security detection, scanning and remediation using custom scripts and "as-code" methods. Recommend new security technologies, processes and policies to reduce application and technology risk. Participate in security audits and assessments to provide evidence, interpret security controls and design technology solutions to maintain security certifications and frameworks. Education and/or ExperienceBachelor's degree in computer engineering, computer science, information technology, cybersecurity, or other related field (or equivalent work experience) required3+ years of experience in security engineering or 5+ years in security analyst, IT, computer engineering experience. Security Certifications preferred: CompTIA, AWS/GCP/Azure, GIAC, ISC2, EC-CouncilExperience with scripting and programming languages, including integration with APIs, such as Python, Perl, PowerShell, Bash, Java, Javascript, and Go. Experience in managing and monitoring a security architecture and ecosystem. Experience with cloud native platforms such as workloads, images, Kubernetes, serverless, cloud databases, load balancers, web application firewalls, etc. Experience building deployment pipelines, e.g., GitHub Actions. Experience with engineering/operational support of cloud configuration in AWS, Azure, or Google Cloud Financial Services or other highly regulated Industries experience preferred Required Skills/Abilities Knowledge in Application, Cloud, and Infrastructure security. Skilled in DevSecOps practices and source control management tools such as GitHub, Bitbucket etc. Skilled in implementing Infrastructure or Policy as Code (Terraform, OPA) Strong understanding of cloud service delivery models: containers, storage, and networks; virtual infrastructure management Familiarity with multiple security, vulnerability and threat frameworks such as NIST CSF, SOC2, ISO 27001, OWASP, EPSS, MITRE, CVSS, etc. Excellent analytical and problem-solving skills. Strong documentation and project management skills. Team oriented individual who can work on any size team. Ability to independently learn and work on multiple subjects and projects with minimal supervision and guidance. Ability to solve problems to independently and consistently handle production/business problems to successful resolution. Work EnvironmentThis job operates in a hybrid, office environment.#engineering #associate #full-time #LI-SD1 #APEXPlease note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.Our RewardsWe offer a robust package of employee perks and benefits, including healthcare benefits (medical, dental and vision, EAP), competitive PTO, 401k match, parental leave, and HSA contribution match. We also provide our employees with a paid subscription to the Calm app and offer generous external learning and tuition reimbursement benefits. At AFS, we offer a hybrid work schedule for most roles that allows employees to have the flexibility of working from home and one of our primary offices.EEO StatementApex Fintech Solutions is an equal opportunity employer that does not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, age, disability, veteran status, marital status, or any other protected characteristic. Our hiring practices ensure that all qualified applicants receive fair consideration without regard to these characteristics.Disability StatementApex Fintech Solutions is committed to creating an inclusive and accessible workplace for all candidates, including those with disabilities. We are dedicated to ensuring equal employment opportunities and providing reasonable accommodations to qualified individuals with disabilities. If you require reasonable accommodations to participate in the application or interview process, please submit your request via the Candidate Accommodation Requests Form. We will work with you to provide the necessary accommodations to ensure your full participation in our hiring process.