Staff Security Engineer

About Us:
At Parafin, we're on a mission to grow small businesses.

Small businesses are the backbone of our economy, but traditional banks often don't have their backs. We build tech that makes it simple for small businesses to access the financial tools they need through the platforms they already sell on.

We partner with companies like DoorDash, Amazon, Worldpay, and Mindbody to offer fast and flexible funding, spend management, and savings tools to their small business users via a simple integration. Parafin takes on all the complexity of capital markets, underwriting, servicing, compliance, and customer service for our partners.

We're a tight-knit team of innovators hailing from Stripe, Square, Plaid, Coinbase, Robinhood, CERN, and more — all united by a passion for building tools that help small businesses succeed. Parafin is backed by prominent venture capitalists including GIC, Notable Capital, Redpoint Ventures, Ribbit Capital, and Thrive Capital. Parafin is a Series C company, and we have raised more than $194M in equity and $340M in debt facilities.

Join us in creating a future where every small business has the financial tools they need.

About The Position
We're looking for an experienced security-focused engineer to help shape and scale Parafin's security posture across our cloud and platform environments. Our Security and Infrastructure team owns the foundational systems that power all of Parafin — from compute and networking to identity and compliance — and you'll play a central role in ensuring those systems are secure, reliable, and compliant.

In this role, you'll design and operate controls, tooling, and processes that keep our infrastructure resilient and compliant while enabling developers to move quickly and safely. You'll partner closely with teams across engineering and compliance to strengthen how we manage access, secure applications, monitor threats, and respond to incidents.

What You'll Be Doing

• Lead efforts to improve Parafin's overall security posture across infrastructure, applications, and data systems.
• Develop and maintain frameworks for identity, access management, and least-privilege enforcement.
• Establish and operate best-in-class security monitoring, alerting, and incident response processes.
• Partner with product and infrastructure engineers to embed secure-by-default patterns in our systems and applications.
• Define and enforce standards for vulnerability management, secrets handling, and dependency integrity.
• Collaborate with compliance and risk teams to build and maintain controls aligned with frameworks such as SOC 2, PCI DSS, and other fintech regulations.
• Support audits and security assessments by ensuring controls are properly implemented and evidenced.
• Contribute to security awareness and training efforts across engineering teams.
• Influence long-term strategy on secure architecture, detection, and response automation.

What We're Searching For

• 8+ years of experience in security operations or application security, preferably in a cloud-native and regulated environment.
• Strong understanding of AWS security, including IAM, VPC, and network segmentation best practices.
• Experience with threat detection and response, vulnerability management, and incident response workflows.
• Familiarity with Kubernetes and container security principles, including RBAC, admission controls, and runtime monitoring.
• Knowledge of compliance frameworks (SOC 2, PCI DSS, ISO and how to operationalize them in engineering environments.
• Strong communication and collaboration skills — comfortable working across engineering, product, and compliance teams.

We Prefer If You Have

• Experience building or maturing a security operations or application security program at scale.
• Background in security automation, threat modeling, or secure architecture reviews.
• Familiarity with developer-focused security enablement — e.g., SAST/DAST integration, dependency scanning, or security education.
• Experience in regulated or fintech environments where security and speed must coexist.

What We Offer

• Salary Range: $235k - $280k
• Equity grant
• Medical, dental & vision insurance
• Unlimited PTO
• Work From Home flexibility
• Commuter benefits
• Free lunches
• Paid parental leave
• 401(k)
• Employee assistance program

If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please contact us.