Principal Cybersecurity Engineer

Summary

Join Array, a remote-first financial innovation platform, as a Principal Cybersecurity Engineer. You will be responsible for proactively defending Array's systems and networks from cyberattacks, shaping the organization's security strategy, and ensuring compliance with industry standards. This role involves leading incident response, securing cloud-based architectures, and mentoring team members. The position offers a competitive salary, comprehensive benefits, and opportunities for professional growth within a fast-growing fintech company. A degree in a related field and minimum 8 years of experience in cybersecurity and software development are required. The position is open to both contract and full-time employment.

Requirements

• A degree in Computer Science, Computer Engineering, IT, Systems Engineering, or a related field
• Minimum 8 years of combined experience in Cyber Security and Software Development
• Programming skills in one or more languages (Go, Python, or JS)
• Experience with security testing tools and techniques (e.g., Burp Suite,SonarCloud)
• Familiarity with security frameworks and standards (e.g., OWASP, NIST, PCI)
• Experience with secure software development practices (e.g., DevSecOps)
• Ability to champion and maintain a secure software development program
• Ability to mentor, peer review, and assess code with a “security first” lens
• Experience in securing micro service based architectures and delivery solutions
• Expertise in securing cloud based architectures including GCP, AWS, and Azure as well as traditional infrastructure
• Strong awareness of cybersecurity trends, hacking/exploitation techniques, and the latest defensive measures
• Interest in securing cloud environments from cyber exploitation
• Exceptional attention to detail with an analytical mind and outstanding problem-solving skills

Responsibilities

• Participate in the design, development, and testing of secure software and architecture
• Lead incident response and remediation efforts for system and network security events
• Plan, prioritize, implement, manage, monitor, and upgrade security measures to protect Array’s data, systems, and networks
• Analyze security event logs, application and network data, and correlation rules while developing analytics to enhance Array's security posture
• Conduct code reviews and mentor to identify and address security vulnerabilities
• Identify emerging information security threats and implement proactive defense measures
• Evaluate architectural changes for security implications, recommend enhancements, and contribute expertise during architecture reviews to harden Array’s evolving platform
• Develop and maintain information security activity monitoring reports
• Produce assessments and communicate findings and recommendations to relevant teams across the organization

Preferred Qualifications

• Familiarity with security measures across multi-vendor platforms
• Experience with ethical hacking and penetration testing
• Reverse engineering expertise
• Industry-recognized certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH), or Certified Information Systems Security Professional (CISSP)

Benefits

• Full medical, dental, and vision, premiums covered at 100% for full-time employees and 70% for dependents
• Unlimited PTO and sick leave + 14 company holidays to encourage a healthy work-life blend
• 100% 401k match up to 4% with immediate vesting
• Generous and competitive parental leave for all parents
• $1,000 desk setup subsidy to set-up your unique remote office
• $100/month to subsidize wifi/cell phone expenses
• Summer Fridays (half-day Fridays) typically from late May to the end of August
• AnniversArray Kits for work anniversaries