Full-Time Security Platform Engineer

OnePay is a consumer financial services app with a simple mission: to help people achieve financial progress. Our vision is to create a single app for consumers to save, spend, borrow, and grow their money.

As a Security Platform Engineer, you’ll support the security of our platform by helping embed secure practices across development and cloud environments. In this role, you’ll contribute to security reviews, automation, and compliance efforts that protect our customers and ensure trust.

• Assist in designing and validating secure AWS configurations (IAM roles, encryption, VPC segmentation).
• Support integration of security checks into CI/CD pipelines using policy-as-code tools and automation.
• Contribute to securing containerized environments (Docker, Kubernetes, EKS) following best practices.
• Participate in threat modeling, code reviews, and static/dynamic analysis alongside senior engineers.
• Help automate repetitive AppSec tasks like vulnerability scanning and triage.
• Document and promote secure development patterns across product teams.

• 4+ years’ experience in application security engineering, DevSecOps, or security platform engineering
• Familiarity with common security frameworks and taxonomies (OWASP Top 10, CWE, CVSS, MITRE ATT&CK)
• Exposure to AWS services (IAM, KMS, VPC, EC2, RDS, EKS) or cloud security fundamentals
• Hands-on experience with code scanning or SAST/SCA tools
• Scripting skills (Python, Bash, or similar) to support automation

What is the last date for applying to the job?

Which countries are accepted for this remote job?