Key skills
AWSKubernetesIAMCommunicationCollaboration
About this role
Parafin is a company dedicated to supporting small businesses by providing them with essential financial tools. The Staff Security Engineer will be responsible for enhancing the security posture of Parafin's cloud and platform environments, ensuring that systems are secure, reliable, and compliant while collaborating with various teams to manage access and respond to security incidents.
Responsibilities:
- Lead efforts to improve Parafin’s overall security posture across infrastructure, applications, and data systems
- Develop and maintain frameworks for identity, access management, and least-privilege enforcement
- Establish and operate best-in-class security monitoring, alerting, and incident response processes
- Partner with product and infrastructure engineers to embed secure-by-default patterns in our systems and applications
- Define and enforce standards for vulnerability management, secrets handling, and dependency integrity
- Collaborate with compliance and risk teams to build and maintain controls aligned with frameworks such as SOC 2, PCI DSS, and other fintech regulations
- Support audits and security assessments by ensuring controls are properly implemented and evidenced
- Contribute to security awareness and training efforts across engineering teams
- Influence long-term strategy on secure architecture, detection, and response automation
Requirements:
- 8+ years of experience in security operations or application security, preferably in a cloud-native and regulated environment
- Strong understanding of AWS security, including IAM, VPC, and network segmentation best practices
- Experience with threat detection and response, vulnerability management, and incident response workflows
- Familiarity with Kubernetes and container security principles, including RBAC, admission controls, and runtime monitoring
- Knowledge of compliance frameworks (SOC 2, PCI DSS, ISO 27001) and how to operationalize them in engineering environments
- Strong communication and collaboration skills — comfortable working across engineering, product, and compliance teams
- Experience building or maturing a security operations or application security program at scale
- Background in security automation, threat modeling, or secure architecture reviews
- Familiarity with developer-focused security enablement — e.g., SAST/DAST integration, dependency scanning, or security education
- Experience in regulated or fintech environments where security and speed must coexist