Senior Application Security Engineer

About Us:  
Finix is the smartest way for businesses to own, manage, and monetize payments. Built by payments experts from Klarna, PayPal, and Worldpay, Finix is trusted by companies like Lightspeed POS Inc., Passport, and Clubessential to build and scale their payments infrastructure. Finix is headquartered in San Francisco, with an additional office in Chicago, Illinois. Finix is a privately held company funded by American Express Ventures, Bain Capital Ventures, Homebrew, Inspired Capital, Lightspeed Venture Partners, Sequoia Capital, Visa, and others. To learn more, visit https://finix.com/.
About the role:
The Engineering organization at Finix owns the delivery and stability of our product end-to-end. The Core Platform team ensures Finix’s complete payment platform is highly available, scalable, and performant. The Application Security Engineer is responsible for the securing of Finix’s platform by addressing security risks and providing mitigation recommendations.

You Will:

• Enable secure-by-default best practices by developing libraries and frameworks to prevent future vulnerabilities 
• Build tools that help manage, test, monitor, and improve system security
• Help develop security standards, preferred implementation patterns, secure common frameworks, and developer documentation and educational materials
• Conduct penetration testing, code scanning, dependency scanning that can be incorporated into SDLC process and CI/CD pipeline
• Contribute features, library patching, and security improvements to the Finix platform

You Are:

• Proactive in securing large-scale cloud-based production environments
• Excited about finding new and better ways to make software systems more secure
• Experienced software engineer capable of developing secure product features
• A proven self-starter, with self-initiative and a drive to take ownership
• Open, honest, and direct in your communications

You Have:

• 4+ years of experience working in an Application Security role 
• Extensive knowledge of internet security issues, cloud architectures, and threat landscape
• Strong software engineering experience using Java, Spring Boot, Gradle
• Web application penetration testing and source code vulnerability analysis skills
• Good understanding of secure communication, protocols, network security architecture, authentication protocols, and web applications
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means

Finix is an equal opportunity employer and values diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or any other protected class.