Senior Security Infrastructure Engineer
Sezzle
- Corrientes
- Permanente
- Tiempo completo
With a mission to financially empower the next generation, Sezzle is revolutionizing the shopping experience beyond payments, blending cutting-edge tech with seamless, interest-free installment plans that make shopping smarter and more accessible.
We're not just transforming payments; we're redefining how people discover, interact with, and purchase the things they love while driving real impact on merchant sales through increased conversions and higher order values.
As we continue to shape the future of fintech and retail, we're building an innovative, dynamic team passionate about creating more than just a transaction but a truly unique shopping journey.
Compensation
For this principal development role, with 6+ years of experience, the compensation range is $5,000 – $9,500 USD per month (Gross) based on experience level.
About the Role
We are seeking a hands-on, high-impact Senior Security Infrastructure Engineer to help strengthen Sezzle's security posture across cloud infrastructure, applications, and developer workflows.
This role is ideal for someone who thrives in a fast-paced environment and wants to work on real-world security problems at scale.
What You'll Do
Lead and operate vulnerability management across infrastructure, platforms, and applications – including internal scans, dependency analysis, and external findings, validating true positives and driving remediation with engineering teams.
Build, operate, and mature SIEM/XDR capabilities, including log ingestion, detection rule development, alert tuning, and investigation workflows.
Investigate and respond to security incidents across cloud infrastructure and applications, performing root cause analysis and driving long-term fixes.
Design and implement detection strategies for suspicious activity, including data exfiltration patterns using application and database telemetry.
Lead and contribute to threat modeling exercises and security design reviews to identify risks early and strengthen architecture.
Apply deep expertise in AWS and Kubernetes to design, secure, and improve resilient and secure cloud infrastructure at scale.
Drive infrastructure and CI/CD hardening initiatives, focusing on reducing software and container supply chain risk.
Lead efforts to implement and improve dependency and container supply chain risk detection systems and controls.
Partner closely with engineering teams to remediate vulnerabilities and improve secure development and deployment practices.
Support and implement security controls aligned with PCI DSS, SOC 2, and other compliance requirements.
Develop and implement automation (including AI where appropriate) to improve efficiency in security operations, detection, and response.
Triage and validate external security findings, distinguishing true positives and coordinating remediation.
What We Look For
6+ years of experience in security, software, or infrastructure engineering, with hands-on experience securing cloud-based production systems.
Experience contributing to threat modeling and security design reviews for modern systems.
Strong hands-on experience in vulnerability management, including scanning, triage, validation, remediation coordination, and verification.
Experience working with SIEM platforms (e.g., Wazuh, Splunk, ELK) for detection engineering, monitoring, and incident response.
Practical experience triaging findings from vulnerability scanners and bug bounty programs.
Strong knowledge of AWS, Linux, and Kubernetes infrastructure, including security architecture, hardening, and operational best practices.
Experience improving infrastructure security, including CI/CD hardening and mitigating software supply chain risks.
Experience with container and dependency security tools (e.g., Snyk, Trivy, Grype).
Ability to investigate issues directly using logs, cloud tooling, and system-level data.
Knowledge of common security vulnerabilities and mitigation strategies (OWASP, SANS).
Working knowledge of compliance frameworks such as PCI DSS and SOC 2.
Preferred Knowledge and Skills
Experience designing and tuning detection rules, reducing alert noise, and improving investigation workflows.
Strong understanding of cloud-native security controls, including IAM, network segmentation, and container security.
Familiarity with log-based detection, telemetry pipelines, and security analytics use cases.
Experience designing secure CI/CD workflows that reduce exposure to vulnerable dependencies and untrusted artifacts.
Ability to assess application and infrastructure risk and translate findings into actionable improvements.
Experience aligning technical security work with regulatory and compliance expectations.
Experience using automation and AI to reduce manual effort and improve consistency at scale.
About You
You think proactively about security and work to address risk early through clear design feedback and practical engineering solutions.
You bring strong cloud and infrastructure judgment, especially in AWS and Kubernetes environments.
You raise the bar on hardening and operational discipline, especially in CI/CD and supply chain security practices.
You approach security monitoring with an investigator's mindset and can turn telemetry into meaningful detection and response outcomes.
You are excited to use automation and emerging technologies (including AI) to automate repetitive security work and improve team effectiveness.
You balance strong security standards with business needs and can support privacy and compliance requirements in a practical, scalable way.
You have relentlessly high standards – many people may think your standards are unreasonably high.
You continually raise the bar and drive those around you to deliver great results.
You're not bound by convention – your success, and much fun, lies in developing new ways to do things.
You need action – speed matters in business.
Many decisions and actions are reversible and do not need extensive study.
You earn trust – you listen attentively, speak candidly, and treat others respectfully.
You have backbone; disagree, then commit – you can respectfully challenge decisions when you disagree, even when uncomfortable or exhausting.
You deliver results – you focus on key inputs, deliver with quality and timeliness, and rise to the occasion when setbacks arise.
Languages: Golang, TypeScript, Python
Frontend: TypeScript – React and React Native
Version Control: Git
CI/CD: GitLab
Testing: Developer and AI-driven; focus on automated end-to-end, integration, and unit tests
Open Source: Sezzle is focused on using open source, building what we can before buying!
What Makes Working at Sezzle Awesome?
At Sezzle, we are more than just brilliant engineers, passionate data enthusiasts, out-of-the-box thinkers, and determined innovators; we are skilled musicians, yogis, cyclists, chefs, golfers, dog-lovers, and rock-climbers.
We believe in surrounding ourselves with not only the best and the brightest individuals, but those that are unique and purpose-driven in all that they do.
Our culture is not defined by a set of perks designed to give the illusion of a traditional startup culture, but rather, it is the visible example living in every employee that we hire.
#J--Ljbffr
Buscojobs