Senior Security Engineer

Who We Are

Cross River is a highly profitable, fast-growing financial technology company powering the future of financial services. Our comprehensive suite of innovative and scalable embedded payments, cards, and lending products deliver financial services for millions of businesses and consumers around the globe. Cross River is backed by leading investors and serves the world’s most essential fintech and technology companies. Together with its partners, Cross River is reshaping global finance and financial inclusion. 

We are on a mission to build the infrastructure that propels access, inclusion, and the democratization of financial services. While our company has tripled in size over the last three years, our strong sense of purpose led Cross River to be named to American Banker’s list of Best Places to Work in Fintech for the last 6 years. The reason for this success is simple – our nimble and collaborative family culture lives in every member of our growing team. Together we are at the forefront of technology and innovation, and we invite passionate, collaborative, and motivated high performers to join our expanding team.

What We're Looking For

We are seeking a highly skilled and experienced Senior Security Engineer to join our team. In this role, you will be responsible for designing, implementing, and maintaining security solutions to protect our organization’s assets, infrastructure, and data. You will work closely with cross-functional teams to identify security risks, develop security strategies, and ensure compliance with industry standards. The ideal candidate will have a strong background in information security, a deep understanding of threat detection and prevention, and the ability to mentor junior team members. Align with IT support and operations to perform the security function of support.

Key Responsibilities:

Design and Implement Security Measures: Develop and maintain robust security architectures and controls across networks, applications, and systems to protect against unauthorized access, cyber threats, and data breaches.

• Threat Detection and Incident Response: Monitor and analyze security events, conduct investigations, and respond to security incidents to minimize potential impact on the organization. Proficiency in configuring and administering End point protection systems
  • Microsoft defender
  • Crowdstrike
  • Data Leakage Prevention tools and implementation

Email Security

• Familiar with various email security tools – spam filtering and how to set it up, email encryption, email DKIM (Domain Keys identified mail)

Vulnerability Management: Identify, assess, and prioritize vulnerabilities across systems, applications, and networks, and work with relevant teams to ensure timely remediation.

• Digital certification management

Security Assessments and Audits: Conduct regular security assessments, penetration tests, and audits to evaluate the effectiveness of security controls and identify areas for improvement.

Risk Management: Collaborate with stakeholders to assess and manage security risks, performing risk assessments and implementing mitigation strategies.

Mentorship and Leadership: Mentor junior security engineers and help develop their technical skills; provide guidance and support in complex security projects.

Stay Informed on Emerging Threats: Continuously research and stay up to date on the latest security threats, technologies, and industry trends to proactively strengthen security posture.

Qualifications:

• Bachelor’s or Master’s degree in computer science, Cybersecurity, Information Technology, or related field.
• 5 -10 years of experience in information security, with a focus on network, application, or infrastructure security.
• Strong understanding of security frameworks (e.g., NIST, ISO 27001), regulatory requirements (e.g., GDPR, HIPAA), and industry best practices.
• Proficiency with security tools such as SIEM, IDS/IPS, firewalls, vulnerability scanners, and endpoint protection.
• Hands-on experience with cloud security (AWS, Azure, GCP), including knowledge of cloud-native security controls.
• Familiarity with programming/scripting languages (e.g., Python, PowerShell) and automation for security processes.
• Strong analytical and problem-solving skills, with the ability to think strategically and tactically.
• Relevant certifications (e.g., CISSP, CISM, CEH, GIAC) preferred.

Key Skills:

• Network and system security
• Threat detection and incident response
• Vulnerability assessment and remediation
• Security architecture and policy development
• Cloud security (AWS, Azure, GCP)
• Risk management

#LI-TP1 #LI-Onsite

Salary Range: $120,000.00 - $170,000.00