Senior Information Security Engineer
selffinancial • Austin, Remote
Posted: February 3, 2026
Job Description
Role Summary
The Senior Information Security Engineer is responsible for owning application security across all Self products. This role plays a critical part in protecting customer data, ensuring compliance with SOC 2 and PCI requirements, and partnering closely with engineering teams to identify, prioritize, and remediate security risks throughout the software development lifecycle.
What you will do:
- Own end-to-end application security for all Self products
- Conduct and manage vulnerability scanning, triage, and remediation tracking using security tools (e.g., SAST)
- Partner closely with engineering and product teams to remediate critical security findings
- Lead and perform third-party vendor security reviews and risk assessments
- Support SOC 2 and PCI compliance efforts, including audit preparation and evidence collection
- Identify application-level security risks and recommend mitigation strategies
- Help embed secure-by-design practices into product development processes
- Monitor emerging application security threats and recommend appropriate controls
Who you are:
- Strong experience in application security, product security, or software security engineering
- Experience with application security scanning using GitLab SAST
- Hands-on experience with vulnerability management tools and remediation workflows
- Knowledge of secure software development practices and common application vulnerabilities
- Experience supporting or operating within SOC 2 and PCI compliance environments
- Ability to partner effectively with engineering teams to drive security outcomes
- Strong risk assessment, prioritization, and communication skills
Preferred Qualifications
- Experience performing third-party vendor security assessments
- Familiarity with cloud-native application architectures
- Prior experience in fintech, regulated industries, or environments handling sensitive customer data
- Security certifications (e.g., CISSP, CSSLP, GWAPT) or equivalent experience
Base salary range: $ 100,000-148,000 annually. Individual pay is based on factors unique to each candidate, including skill set, experience, and other job-related reasons.
Additional Content
Role Summary
The Senior Information Security Engineer is responsible for owning application security across all Self products. This role plays a critical part in protecting customer data, ensuring compliance with SOC 2 and PCI requirements, and partnering closely with engineering teams to identify, prioritize, and remediate security risks throughout the software development lifecycle.
What you will do:
- Own end-to-end application security for all Self products
- Conduct and manage vulnerability scanning, triage, and remediation tracking using security tools (e.g., SAST)
- Partner closely with engineering and product teams to remediate critical security findings
- Lead and perform third-party vendor security reviews and risk assessments
- Support SOC 2 and PCI compliance efforts, including audit preparation and evidence collection
- Identify application-level security risks and recommend mitigation strategies
- Help embed secure-by-design practices into product development processes
- Monitor emerging application security threats and recommend appropriate controls
Who you are:
- Strong experience in application security, product security, or software security engineering
- Experience with application security scanning using GitLab SAST
- Hands-on experience with vulnerability management tools and remediation workflows
- Knowledge of secure software development practices and common application vulnerabilities
- Experience supporting or operating within SOC 2 and PCI compliance environments
- Ability to partner effectively with engineering teams to drive security outcomes
- Strong risk assessment, prioritization, and communication skills
Preferred Qualifications
- Experience performing third-party vendor security assessments
- Familiarity with cloud-native application architectures
- Prior experience in fintech, regulated industries, or environments handling sensitive customer data
- Security certifications (e.g., CISSP, CSSLP, GWAPT) or equivalent experience
Base salary range: $ 100,000-148,000 annually. Individual pay is based on factors unique to each candidate, including skill set, experience, and other job-related reasons.