Staff Security Engineer
Staff Security Engineer
Parafin
Parafin is seeking a Staff Security Engineer to enhance its security posture across cloud and platform environments. The role involves designing and operating security controls, collaborating with engineering and compliance teams, and ensuring the security and compliance of foundational systems that support small businesses. The company is backed by prominent venture capitalists and focuses on providing financial tools to small businesses through partnerships with major platforms.
Qualification
- 8+ years of experience in security engineering or related fields.
- Strong understanding of cloud security principles and practices.
- Experience with identity and access management frameworks.
- Familiarity with security monitoring tools and incident response processes.
- Knowledge of compliance frameworks such as SOC 2 and PCI DSS.
- Ability to collaborate effectively with cross-functional teams.
- Experience in vulnerability management and secure coding practices.
- Strong analytical and problem-solving skills.
Responsibility
- Lead efforts to improve Parafin’s overall security posture across infrastructure, applications, and data systems.
- Develop and maintain frameworks for identity, access management, and least-privilege enforcement.
- Establish and operate best-in-class security monitoring, alerting, and incident response processes.
- Partner with product and infrastructure engineers to embed secure-by-default patterns in systems and applications.
- Define and enforce standards for vulnerability management, secrets handling, and dependency integrity.
- Collaborate with compliance and risk teams to build and maintain controls aligned with frameworks such as SOC 2, PCI DSS, and other fintech regulations.
- Support audits and security assessments by ensuring controls are properly implemented and evidenced.
- Contribute to security awareness and training efforts across engineering teams.
- Influence long-term strategy on secure architecture, detection, and response automation.
