Senior Security Engineer (Hybrid or Remote)

Job description

About The Role We are looking for a Senior Security Engineer to lead security governance, compliance, and assurance work in our fully cloud-native AWS environment. You will work as part of our security team, owning a broad scope: running security reviews and approvals for new initiatives, leading access reviews, designing our vulnerability and incident response frameworks, driving PCI DSS, DORA, and CSSF audits, and managing external penetration testing programs. We are an EMI-licensed fintech, use AI heavily, and we are growing fast. We need someone who can keep our security in good shape for regulators and auditors, explain it clearly to leadership, and ship practical solutions instead of paperwork. Your Mission: Security Reviews & Access Governance: Vulnerability Management, Incident Response & Pentesting Compliance & Audit (PCI DSS, DORA, CSSF) - Review new products, features, architectural changes, vendors, and AI systems early in design – give a clear verdict on what's safe to ship, what must be fixed first, and what we accept. - Own access recertification end-to-end (scope, automation, evidence, audit readiness) and make sure joiner/mover/leaver, privileged access, and SoD c...