At Sunbit, we're building financial technology that puts people first. By combining intelligent decisioning with a personalized, transparent approach, we help consumers access the payment options that are right for them while empowering merchants to build stronger customer relationships.
Engineering is at the heart of how we make that happen. We build scalable distributed systems, cloud-native services, intelligent data platforms, and AI-powered solutions that enable real-time financial decisions at scale. By leveraging modern engineering practices and integrating AI into both our products and development workflows, we solve complex technical challenges, accelerate innovation, and continuously improve the way we build software. Every service, model, and architectural decision we make directly impacts our products, our customers, and the future of financial technology.
About the Role
We are looking for a Security Engineer to join our Security Engineering team. This is a generalist, "all-rounder" role — you will work across all security domains, while leading and owning a specific security domain based on your expertise.
You will define and drive security programs, design and implement security controls, and make architecture-level decisions across your domain. You will work closely with R&D, DevOps, and engineering teams, embedding security into how we build and operate at scale, and help shape a security-first culture across the organization.
What You'll Work On
- Define and maintain security standards, policies, and controls across all security domains — including SSDLC processes and secure development standards across R&D
- Work hands-on alongside R&D, engineering, and IT teams to implement security controls, drive adoption, and ensure execution
- Lead and contribute to large-scale security projects with real organizational impact
- Evaluate, integrate, and operate industry-leading security tooling and platforms — including emerging startups with cutting-edge technologies
- Build automation, tools, internal processes, Terraform modules, GitHub Actions, and AI agents for engineering teams and for your own team
- Conduct security assessments and threat modeling.
- Lead containment, investigation, and forensic analysis during security incidents
- Identify security gaps and misconfigurations across cloud environments, infrastructure, and internal processes — and drive remediation through scalable, long-term solutions
- Contribute across all security domains — cloud, application, AI security, detection engineering, IT, and more
Requirements
- 5+ years in security engineering with strong hands-on expertise across both application and cloud/infrastructure security
- Hands-on experience with SAST, DAST, SCA, WAF, threat modeling, secure code review, and API security
- Experience defining and driving secure development lifecycle programs (SSDLC), including embedding security gates into CI/CD pipelines and GitOps workflows
- Experience securing cloud-native environments (AWS preferred, GCP/Azure a plus), including containers, Kubernetes workloads, and microservices
- Hands-on experience with Terraform, CSPM/CNAPP tooling, and misconfiguration remediation
- Solid understanding of networking fundamentals (TCP/IP, DNS, TLS, network segmentation) with practical experience implementing zero trust architectures and ZTNA
- Experience with Okta, Google Workspace, SSO/SAML/OIDC, and least-privilege access models
- Familiarity with industry-leading security platforms and tooling across MDM, EDR, SIEM, CSPM/CNAPP, ASPM, WAF, DAST/SAST, ZTNA, and identity security platforms
- Proficiency in scripting and automation — Python, JavaScript, Bash, or similar
- Broad generalist mindset with the ability to operate across multiple security domains and connect the dots between them
Recruitment Fraud Disclaimer
We’ve been made aware of fraudsters impersonating Sunbit employees during the hiring process. Please note that all official communication will come from an @sunbit.com email address, through our applicant tracking platform @sunbit.comeet-notifications.com or directly via LinkedIn. We will never ask for your age, Social Security number, bank account details, payment of any kind, or other unrelated personal information during the application process. Our hiring process always includes interviews, either by phone, zoom, or in person, before any offer is made. If something feels suspicious, please contact us at HR to confirm. We ask that you contact HR only about potential instances of fraud. HR does not reach our recruiting team directly. Your application directly through the posting is the best way to ensure that your candidacy is reviewed by our team. Due to the volume of applications, we will not respond to nor forward emails about your candidacy that are sent to HR directly, and your email about your application will be deleted from our systems.