Key skills
Generative AI (GenAI) securityAgentic AI securityPrompt injection mitigationLLM securityData pipeline protectionRuntime protection for AI systemsSecure communication between AI agentsAWS cloud securityGCP cloud securitySecurity engineeringCI/CD securitySecurity product design reviewsZero trust architectureMicroservices securityDistributed systems securitySecurity tools implementationSecurity compliance frameworks SOC 2Security compliance frameworks PCI DSSSecurity compliance frameworks NISTAIGenerative AIGenAILLMAgenticAWSGCPLeadershipCommunicationCloud SecurityZero Trust
About this role
MX is a fintech company on a mission to empower the world to be financially strong, building technology that enhances financial experiences. The Director of Security Engineering will lead the operational security capabilities, evolve threat detection and response programs, and drive strategic improvements within the organization.
Responsibilities:
- Develop and refine the overall vision and strategy for the Security Engineering and Operations program, aligning it with business objectives, risk appetite, and industry best practices
- Lead, mentor, and develop a high-performing team of cybersecurity engineers, focusing on the concepts of Service Ownership. Own and direct a service ownership model for all security services based on security design foundations. The services will be closely tracked for effectiveness using service outcome metrics, maturity metrics, and business ROI metrics. Foster a collaborative and results-oriented environment. Assign tasks, provide feedback, and conduct performance reviews
- Continuously evaluate and improve engineering processes and system/control performance, identifying areas for automation, optimization, and increased efficiency. Develop and maintain relevant policies, procedures, and standards
- Partner with cross functional teams to perform product requirements analysis and design reviews to ensure the delivery of services that protect our customers data and preserve the integrity of all MX platform processes
- Evaluate, select, and implement technology solutions and tools that efficiently provide required security control capabilities, with a specific focus on robust security in AWS cloud environments. Ensure the effective utilization of these tools and integrate them with other security systems. Stay current with emerging security technologies and threats, including those related to GenAI and agentic AI
- Develop and maintain key performance indicators (KPIs) and metrics to track the performance and effectiveness of security technologies and the overall security engineering program. Provide regular reports to peers and leadership on trends, progress, risks, and overall security posture
- Partner with the Governance, Risk, and Compliance (GRC) team to strike a balance between enforcing controls and maintaining engineering velocity. Ensuring compliance with relevant security regulations and standards (e.g., PCI DSS, SOC2, & NIST). Support internal and external audits as necessary
- Effectively communicate information related to the security engineering program to technical and non-technical audiences. Collaborate with other security teams, IT operations, and business units. Cultivate and evangelize a culture of security across MX through training, internal communications, and stakeholder engagement, making security a shared responsibility at every level
- Serve as a strategic partner to all MX business teams to drive cross-functional security initiatives, reduce technical debt, and implement pragmatic, risk-based and scalable solutions
Requirements:
- 10+ years of experience in cybersecurity, security engineering, or related fields
- 5+ years in a leadership role overseeing security operations or engineering teams
- 5+ years of hands-on experience in cloud security, particularly in AWS or GCP environments
- 3+ years of experience securing Generative AI (GenAI) systems, including LLM security, prompt injection mitigation, and data pipeline protection
- Experience securing agentic AI systems, including runtime protection and secure agent communication
- Strong understanding of modern security architecture patterns, including zero trust, microservices security, and distributed systems
- Experience implementing and optimizing security tools and platforms across cloud environments
- Experience partnering with GRC teams and supporting compliance frameworks (e.g., SOC 2, PCI DSS, NIST)
- Bachelor's degree in Computer Science, Cybersecurity, or related field (Master's or relevant certifications preferred)