Information Security Engineer
Information Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Stax Payments is seeking a highly skilled and motivated Security Engineer to support and advance our growing security program. This individual will play a critical role in securing our cloud infrastructure and applications leading tool implementation initiatives and collaborating with teams across the business to enhance our overall security posture.
The ideal candidate brings strong technical experience in cybersecurity tools such as Security Information and Event Management (SIEM) Data Loss Prevention (DLP) & Web Application Firewalls (WAFs). Additionally a successful candidate will have experience in AWS Cloud Infrastructure Zscaler & Okta along with a collaborative mindset and ability to operate in a fast-paced agile environment.
Key Responsibilities
- Design implement and manage cloud-native security controls across AWS infrastructure (e.g. IAM KMS GuardDuty Security Hub SCPs).
- Data Loss Prevention (DLP) deployments and monitoring/support
- Single Sign-On (SSO) SAML2.0 OIDC OAuth WS-Fed
- Multifactor authentication (MFA) related to global policies and/or app sign-on policies
- Delegated Authentication related to active directoy
- Evaluate deploy and manage security tools (e.g. SAST DAST CSPM EDR WAF vulnerability management platforms).
- Lead and support internal rollouts of new security capabilities and tools; manage vendor engagement and performance.
- Monitor for emerging threats and contribute to incident response plans playbooks and escalations when necessary.
- Automate repetitive security processes using scripting (Python PowerShell or similar) and APIs.
- Collaborate with IT GRC and Compliance teams to ensure alignment with frameworks such as NIST PCI-DSS and SOC2.
- 5 years of hands-on experience in cybersecurity with an emphasis on cloud and application security.
- Strong knowledge of AWS security best practices (IAM security groups VPCs key management logging).
- Experience implementing or managing security tools such as CrowdStrike Zscaler Qualys or Splunk or similar technologies.
- Familiarity with DevSecOps principles and integrating security into CI/CD tools (e.g. GitHub Actions Terraform Jenkins).
- Proficiency in one or more scripting languages (Python Bash PowerShell) for automation.
- Solid understanding of secure coding practices OWASP Top 10 and common web app vulnerabilities.
- Familiarity with compliance frameworks (e.g. PCI-DSS SOC2 NIST 800-53).
- Strong analytical documentation and troubleshooting skills.
- Excellent communication skills with the ability to work across technical and non-technical teams.
Preferred Qualifications
- AWS Security Specialty or equivalent certification.
- DLP experience
- Zscaler & Okta Experience (certifications are a plus)
- Experience with Infrastructure-as-Code (e.g. Terraform CloudFormation).
- Prior work in a regulated or fintech environment.
- Experience leading tool implementations or migrations (e.g. endpoint protection logging platforms SIEM).
- Understanding of Zero Trust principles and identity-first security.
- Security certifications such as CISSP CSSP or other relevant certifications.
Employment Type
Full-Time
