Cybersecurity Engineer (SaaS and Infrastructure Security)

Pontera is a fintech company on a mission to help people retire better. Our software platform enables retirement savers to get the help they need managing their 401(k) and other retirement plan accounts as part of a personalized strategy by their trusted financial advisor. 

Pontera is used by financial advisors across the nation– from SMB to Fortune 500 RIA firms, independent broker-dealers, plan custodians, and plan advisors. 

Backed by leading venture capital firms including ICONIQ Growth and Lightspeed Venture Partners, Pontera is built by talented individuals who share a dedication to helping people retire with greater security. 

Our team is fast-growing and driven to become one of the largest fintech companies in the world.  Our culture is built on a people-first principle: in a complex and numbers-driven industry, we never lose sight of the people we serve and work alongside. That’s where you come in.

At Pontera, we leverage cutting-edge cloud technologies and maintain a robust internal IT infrastructure to propel our business operations forward. We are seeking a versatile Cybersecurity Engineer who specializes in SaaS security and is proficient in broader system, network, and data security. This role is critical in protecting our digital assets, both in the cloud and across other IT resources, and involves collaboration with various teams to fortify our cybersecurity framework.

JOB RESPONSIBILITIES

• Risk Assessment and System Security: Conduct risk assessments for SaaS and non-cloud environments. Develop and refine mitigation strategies to enhance the security and compliance of operational systems continuously.
• Secure Architecture Design: Analyze and design secure architectures for SaaS initiatives and non-cloud projects. Ensure architectural decisions consistently support optimal security standards and reflect the latest industry best practices.
• Security Project Leadership: Lead projects from the selection through to the implementation of security systems. Manage project timelines, resources, and team coordination, ensuring that all integrations align with business objectives and infrastructure requirements.
• Incident Response, Detection, and Compliance: Design and configure systems to align with incident response playbooks and security standards. Participate in incident response activities as necessary, and conduct regular security audits to analyze security events and logs.
• Engineering and Automation: Utilize programming expertise to automate security processes across SaaS and traditional IT environments.
• Cross-Functional Collaboration: Work collaboratively with IT, DevOps, GRC, DevSecOps, and business units to ensure a unified approach to security practices across all platforms.
• Education and Training: Lead educational initiatives to raise security awareness and skills, focusing on both SaaS and general IT security among all staff.

REQUIREMENTS:

• Bachelor’s or master’s degree in Computer Science, Information Security, or a related field; further certifications in cloud and cybersecurity (e.g., CISSP, CISM, CCSP, CCSK) are highly desirable.
• Minimum of 5 years of cybersecurity experience with significant expertise in securing SaaS applications and broader IT infrastructures. Strong preference for candidates with proven experience implementing solutions such as CASB, SSPM, and DSPM.
• Familiarity with major SaaS platforms such as GSuite, Atlassian, Salesforce, and HubSpot is beneficial. More importantly, candidates should demonstrate the ability to quickly adapt to and secure various SaaS environments according to best security practices.
• In-depth knowledge of secure architecture practices, particularly in cloud and SaaS environments.
• Deep understanding of risk assessment techniques and proven experience in implementing mitigation strategies across various IT platforms.
• Proficiency in security frameworks and regulatory compliance, including but not limited to ISO 27001, NIST, GDPR, and SOC 2.
• Exceptional analytical and problem-solving skills, capable of performing under pressure.
• Strong communication and interpersonal skills, with a proven track record of effective collaboration in a team-oriented environment.

• Opportunity: Have a major impact at a fast-growing startup that is revolutionizing the FinTech industry
• Team Culture: A collegial, collaborative, fun work environment with frequent team events
• Equity: All new hires are eligible for equity grant participation
• Professional Development: Sponsored learning & development program
• Work Flexibility: A hybrid office work model (In-Office Mon/Tues/Weds and WFH Sun//Thurs)