Flex is an early-stage, remote-first FinTech startup that is bringing flexible payments to recurring bills. It’s hard to believe that it’s 2022 and you’re still not able to choose when you pay your bills. Flex is here to change that! Flex is a multi-bill platform. We began by revolutionizing rent — Americans’ largest recurring bill. Flex enables its users to pay rent and bills throughout the month on a schedule that better fits their finances. With Flex, everybody can better manage their bills and budget. After deliberately keeping a stealth profile as we built up unprecedented investor support and an enthusiastic user base, we plan to scale to 300 team members in 2022. Will you be a part of the team?
Flex is looking for a Senior Engineer Manager, Security to hire and manage a team of security software engineers and define the culture and practice around security at Flex. Here, you’d be building muscle from the ground floor from a strategic and tactical standpoint. You’d be a leader with influence, but also hands on in implementing the processes and solutions to secure and monitor our infrastructure.
What You'll Do
- Support manual and automated code coverage efforts across all our code base
- Manage security integration into the SDLC and CI/CD process
- Manage integration with manual and automated tools for static and dynamic testing Identify areas for automation and tooling to increase code coverage
- Deliver security solutions and enablers to support engineering
- Establish metrics and reporting to track coverage and effectiveness of security processes
- Engage with product and developers to conduct security reviews, define security requirements and help them deliver applications that are secure by default
- Help evolve security features and services and manage security technical debt
- Manage Flex’s product security bug intake and remediation process
- Mentor junior members of the team and act as a subject matter expert for application security issues
- Conduct threat modeling and risk analysis to identify exposure and develop mitigation plans
- Help establish corporate programs around Security and Compliance.
What You'll Bring
- Strong experience in web and mobile application security issues
- Strong experience in distributed platform development security and design In-depth knowledge of web and mobile security standards and best practices (OWASP, etc.)
- Strong foundation in core information security principles and concepts (HTTPS, TLS, OAuth, etc.)
- Experience with industry tools and technologies such as SAST, DAST, ISAT, SCA, etc.
- Experience in cloud security deployment and implementation issues (AWS, AWS security)
- Familiarity with audits and standards requirements such ISO 27001, PCI DSS, SOC 1 & 2, etc.
- Proven expertise in enterprise-grade and web scale security solutions
- Excellent communication skills Ability to explain complex security topics in simple terms
- Ability to lead and project manage multiple security initiatives A good team player who is self-motivated and well organized
Life at Flex:
We understand that it takes a diverse team of highly intelligent, curious, determined, empathetic, and self aware people to grow a successful company. Our HQ is located in New York City, but we are remote-friendly with employees located throughout the US, Australia, Brazil, and Israel. We are growing quickly, but deliberately, with a focus on building an inclusive culture. Our dynamic team has incredible perspectives to share, just as we know you do, and we take great pride in being an equal opportunity workplace.
We offer many employee benefits, including:
- Competitive pay
- Company-paid medical, dental, and vision
- 401(k) + company stock options
- Unlimited paid time off + company paid holidays
- Parental leave + IVF and adoption support
- Flex Cares Program: Non-profit company match + pet adoption coverage
- Pet Insurance
- Free Flex subscription
Read Full Job Description