Staff Security Engineer

ABOUT THE ROLE:

Splash Financial is seeking a Staff Security Engineer that will serve as a key pillar in elevating our cybersecurity posture, ensuring the protection of business and customer data, and leading efforts to meet and exceed compliance requirements. This individual will leverage deep technical expertise to architect, implement, and maintain robust security frameworks, tools, and processes across the organization. This role is for you if you have a passion for security, and are interested in making a tremendous impact across our products and teams.

WHAT YOU’LL DO AT SPLASH:

• Develop and implement DLP strategies and tooling to prevent unauthorized access and exfiltration of sensitive data.
• Optimize the use of our SIEM tooling, ensuring it delivers full value through customized monitoring, alerting, and incident response capabilities.
• Conduct regular training for the security team to enhance in-house expertise.
• Design and deploy a comprehensive vulnerability management program, including periodic scanning, risk assessment, and prioritization for remediation.
• Lead security risk assessment efforts, identifying, evaluating, and reporting risks to executive leadership.
• Develop strategies for risk mitigation or acceptance, ensuring informed decision-making at the executive level.
• Enhance the existing incident response framework, focusing on security-specific scenarios requiring specialized expertise.
• Regularly conduct cybersecurity maturity assessments to identify gaps and areas for improvement.
• Implement and maintain cybersecurity frameworks that align with business goals and compliance requirements.
• Develop and maintain dashboards and reports for real-time visibility into the security posture.
• Work closely with compliance teams to ensure ongoing adherence to all relevant security standards and regulations.
• Develop and oversee comprehensive security training and awareness programs, including PII handling, password management, and anti-phishing campaigns.

WHAT YOU’LL BRING TO SPLASH:

• Proven experience in security engineering, including DLP, SIEM, vulnerability management, and incident response.
• Strong understanding of compliance frameworks (SOC2, PCI, ISO 27001) and experience leading certification efforts.
• Excellent communication skills for effective risk communication, training delivery, and cross-departmental collaboration.
• Strategic thinker with the ability to translate security needs into actionable plans and solutions.