Lead Security Engineer

📋 Description

• • Fair Isaac Corporation (FICO) is seeking a Lead Security Engineer to join their Cloud & Infrastructure Security team. This is a critical, hands-on engineering role focused on designing, implementing, and operating robust security solutions that protect both on-premise datacenters and cloud environments. The primary objective is to build scalable, automated, and resilient security controls that empower business operations while demonstrably reducing organizational risk. This position is instrumental in safeguarding FICO's extensive global operations, which span over 100 countries and involve critical areas such as credit scoring, fraud detection, and lending, impacting billions of financial transactions worldwide.
• • As a Lead Security Engineer, your day-to-day responsibilities will be diverse and technically demanding. You will be instrumental in building and automating sophisticated security solutions leveraging tools like Terraform, CI/CD pipelines, and policy-as-code frameworks. A significant part of your role will involve engineering and implementing Secure Service Edge (SSE) capabilities, including managing internet access and endpoint connectivity through platforms such as Zscaler (ZIA and ZCC). You will also own the implementation and operation of application edge security solutions, encompassing Web Application Firewalls (WAF), Bot Protection, and Content Delivery Network (CDN) capabilities, utilizing platforms like Imperva. Furthermore, you will provide essential firewall governance and oversight, employing tools such as Netography and Firemon to ensure compliance and security posture. Your responsibilities extend to implementing and operating Cloud Security Posture Management (CSPM) and workload protection using platforms like Wiz. You will architect scalable security solutions within cloud environments, specifically AWS, ensuring seamless integration of security controls into development workflows through GitHub/Bitbucket and various CI/CD platforms. A key focus will be driving the adoption of "Security as Code" principles, which involves developing reusable modules, automation playbooks, and self-service deployment patterns to streamline security operations and enhance efficiency. You will collaborate closely with DevOps, Platform Engineering, and Application Security teams to embed robust boundary protection throughout every layer of the software delivery lifecycle. Integrating security tools with SIEM/SOAR platforms for centralized monitoring and response will also be a core function. You will actively contribute to critical security architecture decisions, participate in threat modeling exercises, and assist in risk-based prioritization of security initiatives. Finally, you will play a vital role in mentoring junior engineers, fostering their growth, and elevating the overall engineering expertise and standards within the team.
• • The Cloud & Infrastructure Security team at FICO is responsible for a suite of critical enterprise security services. These include Secure Service Edge, Application Edge Protection, Firewall Governance, and Cloud Security Posture Management (CSPM). This team operates at the forefront of protecting FICO's digital assets and infrastructure, ensuring the integrity and confidentiality of sensitive data and services that power FICO's global analytics solutions. The team is committed to an automation-first mindset, leveraging cutting-edge technologies and practices to deliver secure and scalable solutions. FICO itself is a leading global analytics software company, renowned for its role in helping businesses worldwide make better decisions. With a presence in over 100 countries, FICO's solutions are fundamental to credit scoring, fraud detection, and lending, impacting billions of payment cards and mortgages globally. The company is at the forefront of Big Data analytics, leveraging AI, machine learning, and optimization to drive business success for its clients, which include many of the world's largest banks, insurers, and retailers.
• • In this role, you will have the opportunity to significantly deepen your expertise in cloud security, automation, and modern security engineering practices. You will gain hands-on experience with leading security platforms and tools, including Zscaler, Imperva, Wiz, Terraform, and various CI/CD technologies. You will contribute to architectural decisions and threat modeling, enhancing your strategic security thinking. By mentoring junior engineers, you will develop leadership and communication skills. The role offers the chance to work with advanced technologies like AI-assisted coding tools and to influence the adoption of "Security as Code" across the organization. You will be at the forefront of protecting a company that is a leader in Big Data analytics and plays a crucial role in the global financial ecosystem, offering substantial professional development and career growth opportunities within a dynamic and innovative environment.
• • This role is a remote position based in Mexico, offering the flexibility to work from home. It provides a unique opportunity to join a world-class team at FICO, a company that is a leader in analytics software and plays a pivotal role in global financial decision-making. The position requires a deep technical understanding of cloud security principles, strong programming skills in Python, and extensive experience with Infrastructure as Code (IaC) tools like Terraform. You will be responsible for implementing and managing critical security services such as Secure Service Edge (SSE), application edge protection (WAF, Bot Protection), firewall governance, and Cloud Security Posture Management (CSPM). The role emphasizes automation and the integration of security into CI/CD pipelines, aligning with modern DevOps practices. You will architect and deploy security solutions on AWS, ensuring they are scalable and robust. Collaboration with various engineering teams and mentoring junior staff are also key aspects of this position. The ideal candidate will possess a strong foundation in network security, experience with specific security platforms like Zscaler and Imperva, and knowledge of container security and AWS services. The ability to balance security requirements with business needs and developer velocity is essential, as is experience with AI-assisted coding tools. This is a challenging yet rewarding opportunity for a seasoned security engineer looking to make a significant impact in a leading technology company.