Lead Cyber Security Engineer

Continental Finance Company•Wilmington, DE

8d•Hybrid

About The Position

Come join a growing financial technology company that’s leading the marketplace in both the marketing and servicing of credit cards! Continental Finance Company specializes in credit card options for those consumers with less than perfect credit. We are seeking a Lead Cyber Security Engineer to support our Technology team. The Lead Cyber Security Engineer will be responsible for designing, implementing, and operating our cybersecurity program in a cloud-first, API-driven environment. This role is a senior individual contributor with technical leadership responsibility, responsible for embedding security into our AWS infrastructure, applications, and engineering workflows. The ideal candidate is a builder and operator who can balance practical risk management with engineering velocity, working closely with development and infrastructure teams to deliver secure, scalable systems.

Requirements

BA or BS Degree in Computer Science or related degree is preferred. High School Diploma or GED required.
Minimum of 6–10 years of experience in cybersecurity, cloud infrastructure, or software engineering is required.
2–4 years in a senior or lead security engineering role.
Hands-on experience securing cloud-native, SaaS or FinTech platforms.
Direct experience with AWS-based, API-heavy architectures.
Strong hands-on experience with: AWS IAM, VPC, KMS, Security Hub, GuardDuty, CloudTrail
Secure API design (OAuth2, JWTs, mTLS)
Infrastructure-as-Code (Terraform or CloudFormation)
CI/CD security and DevSecOps practices
Solid understanding of OWASP Top 10 and API Security Top 10.
Strong technical judgment and ownership mindset.
Ability to communicate security risks clearly to engineers and leadership.
Pragmatic, risk-based approach to security.
Comfortably operating independently and remaining deeply hands-on.

Nice To Haves

AWS Certified Security – Specialty certification is a plus.
CISSP, CCSP, CISM, or GIAC certifications are preferred.
Experience in regulated FinTech or financial services environments preferred.

Responsibilities

Own the technical execution of the cybersecurity program.
Design and operate security controls across AWS environments.
Implement and maintain IAM, encryption, secrets management, and network security.
Define and enforce secure API and application security standards.
Integrate security tooling into CI/CD pipelines (SAST, DAST, dependency scanning).
Perform threat modeling, vulnerability assessments, and remediation.
Monitor security events and lead technical incident response.
Support SOC 2, PCI DSS, and related audit and compliance activities.
Conduct security reviews of vendors, partners, and third-party integrations.
Act as a security subject-matter expert and advisor to engineering teams.

Benefits

CFC offers a hybrid work schedule which includes three (3) core days in the office (Tuesday, Wednesday, and Thursday) and two (2) remote workdays (Monday and Friday)
We offer all employees competitive compensation and benefits in an exciting, fast-paced business casual environment.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume