Lead Security Engineer

Banking is being reimagined—and customers expect every interaction to be easy, personal, and instant.

We are building a universal banking assistant that millions of U.S. consumers can use to transact across all financial institutions and, over time, autonomously drive their financial goals. Powered by our proprietary BankGPT platform, this assistant is positioned to displace age-old legacy systems within financial institutions and own the end-to-end CX stack, unlocking a $200B opportunity and potentially replacing multiple publicly traded companies.

Ultimately, our mission is to drive financial well-being for millions of consumers.

With over two-thirds of Americans living paycheck to paycheck, 50% holding less than $500 in savings, and only 17% financially literate, we aim to put financial well-being on autopilot to help solve this problem.

About the Role

We are seeking a Lead Security Engineer to own and scale our Application and Cloud Security programs. You will be responsible for designing and enforcing security best practices across our codebase, cloud infrastructure, development lifecycle, and production environments.

This role will partner closely with engineering, product, and compliance teams to embed security into every stage of our build, deploy, and delivery processes. You are expected to drive a shift-left security culture, where secure design, secure development, and proactive detection are core to how we build and operate.

Key Responsibilities

Application Security

• Perform security assessments across our application stack, including threat modeling, code reviews, dynamic scanning, and penetration testing.

• Build and maintain secure SDLC practices, including integration of security checks into CI/CD pipelines.

• Guide teams in secure design patterns, including secure authentication, input validation, access control, session management, and secure storage.

• Continuously monitor and remediate vulnerabilities in source code and dependencies (SCA, SAST, DAST).

• Partner with engineering teams to define and enforce coding standards aligned with OWASP and CWE guidelines.

Cloud & Infrastructure Security

• Design and maintain secure configurations for AWS environments, including networking, identity management (IAM), encryption, and logging.

• Implement and manage security services such as GuardDuty, Inspector, Security Hub, and other cloud-native tools.

• Define and enforce infrastructure-as-code (IaC) security controls using tools such as Terraform, CloudFormation, or policy-as-code frameworks (e.g., OPA, Sentinel).

• Lead efforts in runtime protection, including workload scanning, intrusion detection, and anomaly alerting.

• Ensure centralized, secure log collection, monitoring, and alerting across all infrastructure components.

Security Architecture & Best Practices

• Champion a shift-left approach to security—collaborating with developers early in the SDLC and providing actionable feedback during design, build, and review phases.

• Collaborate with product managers and infrastructure leads to ensure security is embedded into architectural decisions, particularly for high-risk features or regulated workflows.

• Define and promote secure defaults, least-privilege access, and zero-trust architectural principles.

• Ensure strong key management and encryption standards are applied across data at rest, in transit, and in use.

Governance, Risk & Compliance

• Support compliance initiatives by building and documenting enforceable security controls.

• Work with auditors and risk teams to demonstrate maturity of security processes and ongoing improvements.

• Establish internal security policies, operational procedures, and regular audit activities.

What We Expect

• Lead the adoption of security by design across engineering functions.

• Embed continuous security testing into our CI/CD pipelines.

• Maintain a developer-centric approach to security—minimizing friction while enforcing strong protections.

• Build scalable policies and automation for secrets management, code signing, and environment hardening.

• Keep pace with evolving security threats, technologies, and tools, proactively updating controls and detection mechanisms.

• Represent security posture to executive and customer stakeholders with clarity and confidence.

What You Bring

Required

• 6+ years of experience in security engineering with a primary focus on application and cloud security

• Proficiency with programming languages like, Java, Python, JavaScript and web technologies (e.g., HTML, CSS, SQL).

• In-depth knowledge of application security vulnerabilities, threat modeling, and SDLC integrations

• Deep familiarity with Cloud security architecture and services (AWS - IAM, VPC, KMS, GuardDuty, CloudTrail, etc.)

• Experience with DevSecOps tools and practices, including SAST, DAST, container scanning, and infrastructure scanning

• Hands-on experience in implementing industry best practices in access control, encryption, and security observability

• Excellent communication skills, with the ability to collaborate across engineering, product, and compliance teams

• Bachelor's degree in Computer Science, Information Security, or a related field.

Preferred

• Experience in high-compliance industries such as financial services, healthcare, or government

• Familiarity with policy-as-code, secrets management tools, and container security

• Certifications such as OSCP, AWS Security Specialty, or CISSP

Why Join Us

• Security is not a checkbox—it is fundamental to our success and product trust.

• You will be empowered to define best-in-class standards that scale across financial AI products, and dynamic customer environments.

• You will work in an organization that values speed and security, backed by a world-class engineering team and product-first culture.

#LI-SS1

At interface.ai, we are committed to providing an inclusive and welcoming environment for all employees and applicants. We celebrate diversity and believe it is critical to our success as a company. We do not discriminate on the basis of race, color, religion, national origin, age, sex, gender identity, gender expression, sexual orientation, marital status, veteran status, disability status, or any other legally protected status. All employment decisions at Interface.ai are based on business needs, job requirements, and individual qualifications. We strive to create a culture that values and respects each person's unique perspective and contributions. We encourage all qualified individuals to apply for employment opportunities with Interface.ai and are committed to ensuring that our hiring process is inclusive and accessible.