EarnIn is reimagining how money moves in an effort to make financial success accessible to everyone. The company’s platform gives customers as many options as
Senior Security Engineer
Location
Mexico
Posted
3 days ago
Salary
0
Seniority
Senior
Job Description
Senior Security Engineer
EarnIn
Role Description We are looking for a passionate Senior Security Engineer to drive security engineering efforts within our growing Information Security organization. As a Senior Professional, you will be critical to embedding security and implementing guardrails for the company's AI-first strategy. You will be expected to demonstrate advanced technical skills, create significant impact across the engineering org, and foster a collaborative environment. You should have hands-on experience securing modern cloud and enterprise environments, a natural sense of curiosity, and a diplomatic approach to problem-solving. This is a remote position, though it could also be a hybrid role from our Mexico City office as part of our expanding site. What You'll Do - Threat Management: Monitor active threats, perform in-depth analysis of AI-related attack vectors (e.g., prompt injection, model poisoning), and lead the development of comprehensive remediation plans. - Infrastructure Security: Monitor, audit, detect, and remediate critical security exposures across our cloud infrastructure. - Incident Response: Respond to security incidents and manage the end-to-end incident response lifecycle. - Automation & Tooling: Implement advanced automation and AI agents for security tasks, including detection rule testing, auditing, metrics collection, and reporting to improve operational efficiency. - Security Architecture: Work cross-functionally with engineering teams to architect secure, scalable solutions, including implementing security guardrails and governance for AI/ML workloads and evaluating third-party security tools. - Mentorship & Expertise: Serve as a recognized security expert in multiple specialty areas and maintain strong awareness of the external threat landscape. - Process Improvement: Drive the implementation of security, technical, and process improvements across the organization. Qualifications - At least 4+ years of industry experience in security engineering or a related field. - Strong hands-on experience with AWS services (VPC, EC2, S3, EKS) and associated networking, IAM, and security controls in production environments. - Solid understanding of Docker and containerization, including building, optimizing, scanning, and securing container images and workflows. - Strong knowledge of Kubernetes architecture and experience operating or securing platforms like EKS in production. - Proficiency with Terraform to provision and manage cloud infrastructure in a repeatable, scalable manner. - Proficiency in at least one scripting or programming language, with a strong preference for Python to support security tooling and automation. - Foundational knowledge of general networking concepts, including TCP/IP, DNS, routing, firewalls, and load balancing across cloud and containerized environments. - In-depth knowledge of Threat/Intrusion Detection, Vulnerability Management, and specialized expertise in securing AI agents, LLMs, and Model Context Protocol (MCP) environments. - MS or Bachelor’s degree in Computer Science or an equivalent field. - At least 6 months of experience using AI-assisted development tools (e.g., GitHub Copilot, Cursor, ChatGPT, or similar tools) as part of your software development workflow. - Familiarity with compliance standards such as ISO 27001, SOC2, NIST, SOX, and PCI is a plus. - Experience with IAM tools (Okta, OneLogin), Zero Trust architectures, and Data Loss Prevention (DLP) solutions is a plus. - Experience with access control and PII management is a plus. - Previous experience in the financial services industry is highly preferred. - Experience with security orchestration, automation, and response (SOAR) technologies is a plus. Benefits - Excellent healthcare options. - Internet and cell phone reimbursement. - Learning and development stipend. - Potential opportunities to travel to our Mountain View headquarters.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Role Description At arrivia, we specialize in making brands better through the power of travel, combining decades of experience with a constant drive for technology innovation. This specific role is a fully remote opportunity based within Mexico. This role sits at the intersection of machine learning, cybersecurity, and full-stack engineering. You won't just be monitoring dashboards; you’ll be architecting intelligent defenses that keep our members and data safe from evolving digital threats by building high-scale, real-time security systems. As a core member of our IT Operations team, reporting to the Security Ops Lead, you will: - Design, build, and deploy AI-driven systems that detect and neutralize fraud, abuse, and intrusion. - Apply anomaly detection, graph analysis, and NLP to real-world security challenges. What You’ll Do - Design & Architect: Implement and scale AI/ML models to proactively detect, prevent, and respond to security threats such as identity risk, fraud, malware, and insider anomalies. - System Reliability: Build and maintain robust data ingestion, feature engineering, and real-time streaming pipelines (e.g., utilizing SQL/NoSQL databases and messaging frameworks like Kafka) to process high volumes of security events. - Deploy Microservices: Integrate AI security models directly into production workflows by developing high-performance, low-latency APIs and microservices (using frameworks like FastAPI, Flask, or Django). - Adversarial Research: Analyze adversarial attacks, threat modeling, and secure model design to adapt our defenses under evolving threat scenarios. - Automated Response: Enhance automated incident response, accelerating remediation workflows to significantly reduce manual threat investigation cycles. - Collaborative Impact: Partner with DevSecOps and Platform teams to build MLOps pipelines and embed AI-driven protections directly into containerized environments (Docker/Kubernetes). Qualifications - Bachelor's degree in Computer Science, Information Systems, Engineering, or a related field (Master's preferred). - 5+ years of software engineering experience, with a heavy focus on backend architecture, API design, and distributed systems. - 3+ years of experience in cybersecurity, fraud detection, trust & safety, or abuse prevention. - 2+ years of hands-on experience building and deploying machine learning models in a production environment. - High proficiency in English with strong collaboration and communication skills. - Must be based in Mexico and available to work remotely. Benefits - Collaborative, inclusive environment. - Direct impact on how millions of people experience the world. Company Description If you are ready to apply your AI and security expertise to a global mission from the comfort of your home office in Mexico, we’d love to hear from you.
Engineer, EIS - Endpoint Security
Molina HealthcareMolina Healthcare is a Fortune 500 managed care company with a storied history that dates back to 1980 and the opening of a medical clinic by Dr. C. David Molin
Role Description Builds company specific systems and technology expertise across multiple infrastructure and development disciplines. - Responsible for task management and adherence to process controls. - Responsible for troubleshooting and incident resolution for support functions. - Contributes to on-call rotation schedules and off-hour support activities. - Contributes to organize, manage and lead cross-team project tasks and deliverables. - Contributes to the Infrastructure Solution Architect project design function. - Contributes to solution architecture delivery within project management methodologies and timelines. - Contributes to root cause analysis and problem solving. - Contributes to tactical build and configuration activities. - Provides cross-organization teamwork, collaboration, communication and leadership. - Provides constructive feedback on people, process and technology for continuous improvement. Qualifications - Bachelor's Degree. Requirements - 1-4 years of IT technical experience with IT enterprise infrastructure. - Industry certifications preferred. Benefits - Molina Healthcare offers a competitive benefits and compensation package. Company Description - Molina Healthcare is an Equal Opportunity Employer (EOE) M/F/D/V.
• Reviewing RFDs from engineers on a variety of proposed projects for security and quality. • Pairing with the Cloud team to deploy service control policies (SCPs) in AWS to prevent undesired configurations. • Hunting for vulnerabilities using both traditional scanning tools and LLM / AI tools in innovative and creative ways. • Automating routine security and compliance processes to increase effectiveness and decrease busywork. • Implementing and maintaining log pipelines for valuable event data sources like critical SaaS apps or endpoint telemetry. • Engaging with the best red teams in the world to test and harden our detection and response capabilities. • Building response automation to reduce the risk of advanced attacks against Teleport systems. • Contributing to the Teleport product where we can improve the ability to defend for both us and our customers. • Ensuring that nobody (including you) is overwhelmed with false positive / noisy alerts through a tight feedback loop.
Role Description We are looking for a highly technical Security Engineer with deep experience across application security, AWS cloud security, offensive security, secure SDLC, threat modeling and AI security. This role is suited for someone who can operate at both the engineering and adversarial levels by reviewing architecture, testing applications, identifying exploitable weaknesses, automating security workflows, securing AWS infrastructure and helping product teams build resilient systems. The ideal candidate has hands-on experience with SAST, DAST, SCA, manual application security testing, AWS security reviews, red teaming, SIEM-driven detection workflows, infrastructure-as-code security and security automation. They should be comfortable working directly with engineering teams while also thinking like an attacker to uncover realistic abuse paths across applications, APIs, AWS services, CI/CD pipelines and AI-enabled systems. Key Responsibilities - Lead security reviews for web applications, APIs, microservices, AWS workloads, internal platforms and AI-enabled products. - Perform advanced application security testing using SAST, DAST, SCA, manual code review, API testing and business logic testing. - Identify vulnerabilities across authentication, authorization, session management, access control, injection, SSRF, deserialization, insecure file handling, data exposure and insecure API design. - Conduct threat modeling for new products, critical features, AWS architectures, AI workflows, identity systems and high-risk data flows. - Build and improve secure SDLC processes, including security requirements, code scanning, dependency review, CI/CD security gates and release risk assessments. - Review infrastructure-as-code templates such as Terraform, CloudFormation, AWS CDK, Helm charts and Kubernetes manifests for security misconfigurations. - Assess AWS environments for IAM weaknesses, exposed services, insecure networking, public S3 buckets, secrets leakage, logging gaps, encryption issues, workload risks and privilege escalation paths. - Review AWS IAM policies, roles, trust relationships, permission boundaries, service control policies, identity federation and cross-account access patterns. - Assess AWS services such as EC2, S3, Lambda, ECS, EKS, RDS, API Gateway, CloudFront, WAF, KMS, Secrets Manager, Systems Manager, ECR, VPC, Route 53 and IAM Identity Center. - Conduct red team exercises, adversary simulations, attack path analysis and controlled exploitation to validate real-world risk. - Develop proof-of-concept exploits, custom scripts and automation to reproduce vulnerabilities and demonstrate business impact. - Evaluate containerized and Kubernetes environments, including EKS, for workload isolation, RBAC issues, exposed services, image risks, secrets handling and runtime security gaps. - Assess CI/CD pipelines for insecure workflows, overprivileged tokens, secrets exposure, supply chain risks, artifact integrity and deployment abuse paths. - Perform software composition analysis to identify vulnerable dependencies, license risks, malicious packages, transitive dependency exposure and supply chain weaknesses. - Use SIEM and security telemetry to support investigations, validate attack paths, improve detections and measure control effectiveness. - Build detection logic, threat hunting queries, dashboards and alerting workflows using SIEM platforms such as Splunk, Microsoft Sentinel, Elastic, Chronicle or AWS-native telemetry. - Use AWS security services such as GuardDuty, Security Hub, CloudTrail, AWS Config, Inspector, Detective, Macie, IAM Access Analyzer, Security Lake and CloudWatch to improve visibility and detection coverage. - Automate security workflows using Python, Bash, PowerShell, Go or similar scripting languages. - Develop threat automation for vulnerability enrichment, alert triage, AWS posture checks, attack simulation, evidence collection and remediation tracking. - Partner with DevOps and platform teams to improve secrets management, identity controls, network segmentation, logging, monitoring and secure deployment patterns. - Assess AI and LLM-based systems for risks such as prompt injection, indirect prompt injection, data leakage, insecure tool use, excessive agency, jailbreaks, model abuse, retrieval poisoning and unsafe agent behavior. - Review AI workloads using AWS services such as Amazon Bedrock, SageMaker, Lambda, API Gateway, S3, KMS and IAM for secure design, data protection and access control. - Produce clear technical reports with evidence, exploitability, impact, likelihood, risk rating and actionable remediation guidance. - Mentor engineers and security team members on secure coding, AWS security, offensive testing, threat modeling and AI security risks. Qualifications - Strong hands-on experience in application security, product security, AWS cloud security, offensive security or security engineering. - Deep understanding of secure SDLC practices and experience embedding security into engineering workflows. - Practical experience with SAST, DAST, SCA, manual penetration testing, code review and vulnerability validation. - Strong knowledge of OWASP Top 10, OWASP API Security Top 10, OWASP ASVS, common CWE classes and real-world application attack techniques. - Experience testing web applications, APIs, microservices, cloud services, containers and distributed systems. - Strong understanding of authentication, authorization, identity federation, OAuth, OIDC, SAML, JWT, session security and access control design. - Hands-on experience securing AWS environments in production. - Strong knowledge of AWS IAM, VPC networking, encryption, KMS, Secrets Manager, S3 security, CloudTrail, GuardDuty, Security Hub, AWS Config and workload hardening. - Experience reviewing infrastructure-as-code and identifying security issues in Terraform, CloudFormation, AWS CDK, Kubernetes YAML, Helm, Dockerfiles or similar technologies. - Experience with CI/CD security across tools such as bitbucket pipelines, Jenkins, AWS CodePipeline, or similar platforms. - Experience with red teaming, adversary emulation, penetration testing, exploit development, attack path mapping or offensive security assessments. - Familiarity with SIEM platforms and the ability to write detection or hunting queries using SPL, KQL, SQL, Lucene, YARA, Sigma or similar languages. - Strong scripting ability in Python, Bash, PowerShell, JavaScript or similar languages. - Ability to automate repetitive security tasks and build internal tools that improve security testing, visibility and response. - Familiarity with container and Kubernetes security, including ECS, EKS, RBAC, admission controls, image scanning, runtime controls, network policies and secrets handling. - Ability to review code in languages such as Python, JavaScript, TypeScript, Java, Go, Kotlin, C# or similar. - Strong written and verbal communication skills, with the ability to explain complex technical risks to engineering and leadership teams. Preferred Qualifications - Experience securing AI-enabled applications, LLM products, autonomous agents, RAG pipelines, AI plugins or ML infrastructure. - Experience performing AI red teaming, prompt injection testing, jailbreak testing, model abuse testing or evaluation of agentic workflows. - Experience with AWS Organizations, Control Tower, service control policies, multi-account security patterns and centralized logging. - Experience with threat modeling methodologies such as STRIDE, PASTA, attack trees, abuse cases, data flow diagrams or architecture risk reviews. - Experience with security automation, SOAR workflows, detection-as-code, policy-as-code or cloud security posture automation. - Experience with tools such as Burp Suite Pro, OWASP ZAP, Semgrep, CodeQL, Checkmarx, Fortify, Veracode, Snyk, Dependabot, Trivy, Grype, Syft, Gitleaks, Checkov, tfsec, Prowler, ScoutSuite, Wiz, Prisma Cloud or similar. - Experience building custom security tooling, scanners, exploit harnesses, detection rules, cloud guardrails or CI/CD security integrations. - Experience with MITRE ATT&CK, MITRE ATLAS, CIS Benchmarks, AWS Well-Architected Security Pillar, NIST, ISO 27001, SOC 2, PCI DSS or similar frameworks. - Experience with bug bounty programs, coordinated vulnerability disclosure, internal red team programs or external penetration testing engagements. - Relevant certifications such as OSCP, OSWE, OSEP, GWAPT, AWS Certified Security Specialty, AWS Solutions Architect, CISSP or equivalent practical experience. What Success Looks Like - Security is embedded into design, development, testing and deployment workflows. - SAST, DAST, SCA, secrets scanning, IaC scanning and AWS posture checks are implemented with practical tuning and low operational noise. - High-risk application and AWS vulnerabilities are identified early, validated accurately and remediated with engineering partnership. - Threat models are used to influence architecture decisions before systems reach production. - Red team findings translate into improved controls, stronger detections and reduced attack paths. - SIEM, AWS logs and security telemetry are used to validate security controls and detect realistic abuse scenarios. - Security automation reduces manual review effort and accelerates vulnerability management, investigation and remediation. - AI-enabled systems are reviewed for emerging threats before they are released or scaled. - Engineering teams view security as a technical partner that helps them ship resilient products.



