Staff Security Engineer

Parafin Inc.

Job Overview

Location

Indiana, USA

Job Type

Full-time

Full Job Description

📋 Description

• Parafin is on a mission to empower small businesses by providing them with seamless access to essential financial tools through the platforms they already use. We bridge the gap left by traditional banking by partnering with leading companies like DoorDash, Amazon, Worldpay, and Mindbody to offer fast, flexible funding, spend management, and savings solutions. Our innovative approach simplifies the complexities of capital markets, underwriting, servicing, compliance, and customer service, allowing our partners to focus on their core business. We are a dynamic and growing company, backed by prominent venture capitalists and comprised of a talented team with diverse backgrounds from industry leaders such as Stripe, Square, Plaid, Coinbase, Robinhood, and CERN. Our collective passion is to build technology that fosters the success of small businesses.
• As a Staff Security Engineer at Parafin, you will play a pivotal role in shaping and scaling our security posture across our cloud and platform environments. You will be an integral part of the Security and Infrastructure team, which is responsible for the foundational systems that power our entire operation, from compute and networking to identity and compliance. Your contributions will be central to ensuring these systems are not only secure but also reliable and compliant with industry standards.
• In this critical role, you will be instrumental in designing, implementing, and operating robust security controls, advanced tooling, and streamlined processes. Your work will focus on maintaining the resilience of our infrastructure and ensuring compliance, all while empowering our development teams to innovate and deploy rapidly and safely. You will foster strong partnerships with engineering and compliance teams to enhance our capabilities in access management, application security, threat monitoring, and incident response.
• Key responsibilities will include leading initiatives to elevate Parafin's overall security posture across our infrastructure, applications, and data systems. You will develop and maintain comprehensive frameworks for identity and access management, ensuring the principle of least privilege is strictly enforced across all systems.
• You will establish and operate best-in-class security monitoring, alerting, and incident response processes, creating a proactive defense against potential threats. A significant part of your role will involve collaborating closely with product and infrastructure engineers to embed secure-by-default patterns and practices directly into our systems and applications from the outset.
• Furthermore, you will define and enforce stringent standards for vulnerability management, secure secrets handling, and ensuring the integrity of our software dependencies. This includes implementing robust processes for identifying, assessing, and remediating vulnerabilities.
• You will work hand-in-hand with our compliance and risk teams to build and maintain controls that align with critical regulatory frameworks such as SOC 2, PCI DSS, and other relevant fintech regulations. This involves translating compliance requirements into actionable engineering practices.
• Supporting audits and security assessments will be a key function, ensuring that all implemented controls are properly documented, functioning as intended, and that evidence is readily available.
• You will also contribute to fostering a strong security culture by participating in and potentially leading security awareness and training efforts across our engineering teams, promoting best practices and a shared sense of responsibility for security.
• Finally, you will have the opportunity to influence the long-term strategic direction of our security initiatives, focusing on secure architecture design, advanced detection capabilities, and the automation of our response mechanisms to stay ahead of evolving threats.

🎯 Requirements

• 8+ years of experience in security operations or application security, preferably within a cloud-native and regulated environment.
• Strong understanding of AWS security principles and services, including IAM, VPC, and network segmentation best practices.
• Proven experience with threat detection and response, vulnerability management, and incident response workflows.
• Familiarity with Kubernetes and container security principles, including RBAC, admission controls, and runtime monitoring.
• Knowledge of compliance frameworks such as SOC 2, PCI DSS, and ISO 27001, and experience operationalizing them within engineering environments.
• Strong communication and collaboration skills, with the ability to work effectively across engineering, product, and compliance teams.

🏖️ Benefits

• Competitive salary range: $235k - $280k
• Meaningful equity grant
• Comprehensive medical, dental, and vision insurance
• Unlimited Paid Time Off (PTO)
• Work-from-home flexibility
• Commuter benefits
• Free lunches
• Paid parental leave
• 401(k) plan
• Employee assistance program

Skills & Technologies

AWS

Kubernetes

Senior

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Parafin Inc.

Visit Website

About Parafin Inc.

Parafin is a financial technology company that provides embedded financial services for B2B software platforms. Their core offering is a platform that allows businesses to offer financial products, such as lending and payments, directly within their existing software. This enables software companies to create new revenue streams and enhance their customer value proposition by providing seamless financial solutions to their users. Parafin operates in the fintech and SaaS industries, focusing on simplifying access to capital and financial tools for businesses through technology.

View Company Profile