Information Security Engineer

Description

Stax Payments is seeking a highly skilled and motivated Security Engineer to support and advance our growing security program. This individual will play a critical role in securing our cloud infrastructure and applications, leading tool implementation initiatives, and collaborating with teams across the business to enhance our overall security posture.

The ideal candidate brings strong technical experience in cybersecurity tools such as Security Information and Event Management (SIEM), Data Loss Prevention (DLP), & Web Application Firewalls (WAFs). Additionally, a successful candidate will have experience in AWS Cloud Infrastructure, Zscaler & Okta, along with a collaborative mindset and ability to operate in a fast-paced, agile environment.

Key Responsibilities 

• Design, implement, and manage cloud-native security controls across AWS infrastructure (e.g., IAM, KMS, GuardDuty, Security Hub, SCPs).
• Data Loss Prevention (DLP) deployments and monitoring/support
• Single Sign-On (SSO) SAML2.0, OIDC, OAuth, WS-Fed
• Multifactor authentication (MFA) – related to global policies and/or app sign-on policies
• Delegated Authentication – related to active directoy
• Evaluate, deploy, and manage security tools (e.g., SAST, DAST, CSPM, EDR, WAF, vulnerability management platforms).
• Lead and support internal rollouts of new security capabilities and tools; manage vendor engagement and performance.
• Monitor for emerging threats and contribute to incident response plans, playbooks, and escalations when necessary.
• Automate repetitive security processes using scripting (Python, PowerShell, or similar) and APIs.
• Collaborate with IT, GRC, and Compliance teams to ensure alignment with frameworks such as NIST, PCI-DSS, and SOC2.

Requirements

• 5+ years of hands-on experience in cybersecurity, with an emphasis on cloud and application security.
• Strong knowledge of AWS security best practices (IAM, security groups, VPCs, key management, logging).
• Experience implementing or managing security tools such as CrowdStrike, Zscaler, Qualys, or Splunk or similar technologies.
• Familiarity with DevSecOps principles and integrating security into CI/CD tools (e.g., GitHub Actions, Terraform, Jenkins).
• Proficiency in one or more scripting languages (Python, Bash, PowerShell) for automation.
• Solid understanding of secure coding practices, OWASP Top 10, and common web app vulnerabilities.
• Familiarity with compliance frameworks (e.g., PCI-DSS, SOC2, NIST 800-53).
• Strong analytical, documentation, and troubleshooting skills.
• Excellent communication skills, with the ability to work across technical and non-technical teams.

Preferred Qualifications

• AWS Security Specialty or equivalent certification.
• DLP experience
• Zscaler & Okta Experience (certifications are a plus)
• Experience with Infrastructure-as-Code (e.g., Terraform, CloudFormation).
• Prior work in a regulated or fintech environment.
• Experience leading tool implementations or migrations (e.g., endpoint protection, logging platforms, SIEM).
• Understanding of Zero Trust principles and identity-first security.
• Security certifications such as CISSP, CSSP, or other relevant certifications.