Infrastructure Engineer - Security

About The Position

Requirements

• Has 4+ years of experience in security engineering, with hands-on infrastructure experience (AWS, Kubernetes, Linux)
• Can read code, write code, and isn't afraid to ship fixes in a production environment
• Has experience with security tooling: SIEM, vulnerability scanners, WAFs, secrets management, etc.
• Understands modern attack vectors and how to defend against them in cloud-native environments
• Has worked with compliance frameworks (PCI-DSS, SOC 2) and knows how to implement controls that actually work
• Is comfortable with ambiguity — you'll be building the security function from the ground up
• Communicates well and can work cross-functionally with engineers who aren't security experts
• Gets things done. We're a small team moving fast; we need someone who ships, not someone who just writes reports.

Responsibilities

• Own Slash's security posture end-to-end — from threat modeling to incident response
• Harden our cloud infrastructure (AWS, Kubernetes, Terraform) with secure configurations and least-privilege access controls
• Implement and maintain security tooling: vulnerability scanning, SIEM, intrusion detection, secrets management
• Lead security reviews of code, architecture, and third-party integrations
• Own and execute against PCI-DSS, SOC 2, and other compliance frameworks — not just audits, but actually building the controls
• Build automated security guardrails into our CI/CD pipeline
• Monitor, investigate, and respond to security events; run incident response when needed
• Partner with engineering to fix vulnerabilities and ship secure code — you'll write patches, not just tickets
• Define and iterate on our security roadmap as we scale

Benefits

• Opportunity for high growth, Series B, Fintech start-up
• High autonomy + ownership culture
• Comprehensive health + benefits plan
• Working out of our new San Francisco office space
• Unlimited Vacation