Senior Security Engineer

Title: Senior Security Engineer – Location: Hybrid- New York, New York About Us Wealth.com is the industry’s leading estate planning platform, empowering more than 1,000 wealth management firms to modernize how they talk about estate planning with their clients. As the only tech‑led, end‑to‑end platform built specifically for financial institutions, Wealth.com enables firms to drive scale, efficiency, and measurable client impact. Trusted by some of the largest names in finance, Wealth.com combines proprietary AI, robust security, and deep technological and legal expertise to serve the full range of client needs, from foundational plans to the most sophisticated estate strategies. The company has been widely recognized for innovation and leadership, winning Top Estate Planning Technology and Top Estate Planning Implementation at the 2025 WealthManagement.com Industry Awards, being named the 2024 Best Technology Provider in the Trust category, and earning #1 in estate planning market share in the 2025 Kitces AdvisorTech Study. Our team is fundamental to our standing as the leading estate planning platform. We cultivate a collaborative and supportive environment, fostering innovation and making Wealth.com a truly enjoyable workplace. Wealth.com is proud to be certified as a Great Place to Work for 2025. The Opportunity We are seeking a highly motivated and experienced Senior Security Engineer to join our dynamic security team. This pivotal role involves leading the design, implementation, and maintenance of robust security measures to protect sensitive financial data and transaction platforms against increasingly sophisticated cyber threats. You will be a subject matter expert, driving security architecture reviews and ensuring compliance with stringent financial industry regulations. Key Responsibilities Reduce third-party risk exposure: improve our current third-party risk assessment process to identify high-risk vendors using AI tools or automation. Implement comprehensive security logging and monitoring: ensure complete logging coverage across critical systems and deliver dashboards and metrics. Manage our SIEM, creating and responding to alerts. Create, maintain, and update company polices. Work with auditors during the annual SOC 2 audit. Improve our vulnerability and patch management: Create secure configuration baselines for servers, endpoints, and cloud. Awareness training: Create a full-year program that includes phishing campaigns and awareness training. Design and Implement Security Controls: Design, implement, and maintain security tools and technologies, including SIEM, EDR, firewalls, IDS/IPS, and DLP, to protect sensitive data. Incident Response and Threat Detection: Lead threat detection efforts, incident response, and forensic investigations. Vulnerability Management: Perform threat modeling and static/dynamic vulnerability assessments, and develop and implement remediation strategies for identified flaws (e.g., OWASP Top 10). Compliance and Auditing: Ensure compliance with regulations and frameworks. Participate in audits and provide necessary evidence and remediation plans. Secure Development Lifecycle (SDLC): Collaborate with engineering and DevOps teams to integrate security into CI/CD pipelines and promote secure coding best practices. Automation and Scripting: Develop automated solutions and use scripting (Python, PowerShell, Bash) to streamline security operations and monitoring processes. Mentorship and Leadership: Provide technical direction and mentorship to junior team members, helping foster a strong, organization‑wide security awareness culture. Required Qualifications Experience: 5+ years of experience in a dedicated information security engineering role, preferably within the financial services or a highly regulated industry. Technical Expertise: Strong working knowledge of network security fundamentals (TCP/IP, UDP, cloud security models (AWS/GCP), and identity and access management (IAM, SSO, MFA). Tools and Technologies: Hands‑on experience with enterprise security tools, including SIEM platforms, vulnerability scanners, and EDR solutions. Regulatory Knowledge: Deep understanding of cybersecurity frameworks such as NIST CSF, and the MITRE ATT&CK framework. Problem‑Solving: Excellent analytical and problem‑solving skills, with the ability to translate complex technical concepts into clear, actionable recommendations for various stakeholders. Other Qualifications Certifications: Relevant security certifications are highly desirable, such as CISSP, CISM, or GIAC. Education: Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related technical field. Emerging Tech Experience: Familiarity with emerging trends like securing cloud environments and managing security posture for AI applications. Benefits & Perks Competitive salary. Hybrid work arrangement if located in the Phoenix or New York area; otherwise, fully remote. We also meet together in person several times a year. Excellent medical, dental, and vision insurance options, with low‑cost premium structures that demonstrate our commitment to offering great value to our employees. 100% company‑paid basic life insurance, short‑term and long‑term disability insurance. 100% paid parental leave upon eligibility. Company equity managed through Carta. 401k with match and 100% vesting upon hire. Flexible PTO in an environment where taking time off to relax or recharge is supported and encouraged. Take time off for holidays—and yes, your birthday counts too. Celebrate, relax, and recharge without thinking twice. Wealth is an equal opportunity employer and encourages people from all backgrounds to apply. Should you have a disability or special need that requires accommodation, please let us know. #J-18808-Ljbffr