Advanced Security Engineer

Feedzai is the world’s first RiskOps platform for financial risk management, and the market leader in safeguarding global commerce with today’s most advanced cloud-based risk management platform, powered by machine learning and artificial intelligence. Feedzai is securing the transition to a cashless world while enabling digital trust in every transaction and payment type. The world’s largest banks, processors, and retailers trust Feedzai to protect trillions of dollars and manage risk while improving the customer experience for everyday users, without compromising privacy. Feedzai is a Series D company and has raised $282M to date. With a valuation of $2 billion, our technology protects 1 billion consumers and 90 billion transactions each year.

The Security Team keeps Feedzai products and systems secure. We work on risk reduction and security issue mitigation as we continue to move forward and grow. We maintain compliance and security best practices aligned with industry standards, as we work in a very regulated environment and do develop our own software and services. The Security Team is involved from the beginning of production to meet and exceed our client expectations and be the top SME in the industry. We run our own Security Operations Center services and incident response with state of the art tools. We are dynamic, tenacious, and driven by our passion for fighting financial fraud and crime with our socially responsible products. Join Us!

You

You’ll be working with a team that's responsible for the security across all ongoing initiatives, products, processes and applications at Feedzai. This will be a very senior role within this team, someone able to work across teams and coach other more junior team members also.

Your day–to–day

Design and architect robust security controls with 'secure by default' principles, ensuring long-term maintainability and systemic incident resilience across the organization;

Review technical designs to identify security weaknesses and provide assistance on how to address them;

Provide subject matter expertise on security across ongoing initiatives to the organization;

Lead the technical execution of multi-team security initiatives, influencing cross-team priorities and aligning technical roadmaps with direct business impact;

Work closely with other functional areas and/or departments in the identification of requirements and designing of solutions;

Produce high-quality narratives and investment cases supported by facts and data, translating complex security challenges into comprehensive business language for company-wide stakeholders;

Perform internal and external penetration tests, ensuring timeliness and accuracy of reports;

Assist in the support of compliance with core applicable standards and regulations (PCI DSS, ISO/IEC 27001, SOC 2, NIST, CIS, GDPR) and participate in the audit processes.

Your Have & You Know-How

Willingness to learn and to stay up-to-date with the state of the art;

Break things attitude, so that we can improve (hacker-type of attitude);

Expert knowledge across web, application, hardware & network security;

Solid understanding of encryption, key management & distribution;

Extensive knowledge and experience with cloud service providers such as AWS, Azure, or GCP;

Extensive knowledge with Kubernetes security;

Knowledge of PCI DSS, ISO/IEC 27001, NIST, CIS, and GDPR standards and regulations preferred;

Strong business and financial acumen, with the ability to understand the economic implications (cost efficiency, operational burden, time-to-value) of security engineering decisions;

4+ years of relevant professional experience;

Demonstrated experience developing, deploying, and monitoring secure systems;

Demonstrated experience implementing AI-driven approaches to optimize security workflows and leading the adoption of new AI technologies;

Global experience in leading and supporting cross-functional projects, interacting effectively with all levels of the company;

Track record of managing projects with quality, detail, and consistency;

Background in engineering with a deep passion for making all things secure;

Excellent communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.