Senior Security Engineer

Summary

Join Splash Financial as a Senior Security Engineer and contribute to strengthening our cybersecurity posture. You will play a hands-on role in implementing and operating key security technologies and processes, collaborating with various teams to ensure secure development practices, regulatory compliance, and effective risk management. This role involves developing and implementing data loss prevention strategies, operating and enhancing our SIEM platform, partnering with engineering and IT teams to remediate vulnerabilities, and supporting compliance initiatives. You will also participate in security risk assessments, refine incident response processes, develop security documentation, and contribute to improving our security posture. The ideal candidate thrives in a fast-paced environment and is passionate about building and scaling security solutions. Splash offers a remote-first work environment and a comprehensive benefits package.

Requirements

• 5–8 years of experience in a security engineering role, preferably in cloud-native or SaaS environments
• Hands-on experience with SIEM, DLP, vulnerability management, and endpoint protection tools
• Familiarity with compliance frameworks such as SOC2, PCI DSS, or ISO 27001
• Ability to work cross-functionally with engineering, IT, and business stakeholders
• Strong problem-solving skills and the ability to manage multiple priorities in a fast-paced environment
• Excellent written and verbal communication skills, with a collaborative mindset
• Relevant certifications include Security+, GSEC, AWS Security Specialist, Certified Kubernetes Security Specialist

Responsibilities

• Contribute to the development and implementation of data loss prevention (DLP) strategies and tooling to reduce risk of data exfiltration
• Operate and enhance our SIEM platform, tuning alerts and contributing to incident response workflows and playbooks
• Partner with engineering, IT, and product teams to identify and remediate vulnerabilities through regular scanning and patch management
• Participate in security risk assessments and help track remediation efforts across teams
• Support compliance initiatives by assisting in the implementation and maintenance of security controls aligned with frameworks like SOC2, PCI, or ISO 27001
• Assist in the refinement and execution of our security incident response process
• Develop and maintain security documentation including procedures, runbooks, and training materials
• Support periodic cybersecurity maturity assessments and contribute to improving security posture based on findings
• Create and maintain dashboards and reporting mechanisms to track security metrics and control health
• Help deliver security training and awareness campaigns, including secure data handling and phishing simulation programs

Benefits

• Fully remote work freedom
• Competitive salary packages
• Flexible PTO + 9 company holidays
• Equity: Share in our start-up success
• Comprehensive and affordable insurance benefits
• Paid parental leave for both caregivers
• Essential equipment to get the job done
• 401(k) for your future savings
• Quarterly meet-ups: In person & virtual fun
• Awesome Splash swag to flaunt your team spirit