Senior Security Infrastructure Engineer

The salary range for this role is $5,000 - $9,500 per month (Gross in USD) About Sezzle: With a mission to financially empower the next generation, Sezzle is revolutionizing the shopping experience beyond payments, blending cutting-edge tech with seamless, interest-free installment plans that make shopping smarter and more accessible. We’re not just transforming payments; we’re redefining how people discover, interact with, and purchase the things they love while driving real impact on merchant sales through increased conversions and higher order values. As we continue to shape the future of fintech and retail, we’re building an innovative, dynamic team passionate about creating more than just a transaction but a truly unique shopping journey. If you’re excited about pushing boundaries in tech and delivering a game-changing experience for consumers and merchants alike, come join us at Sezzle and help create the future of shopping! Compensation: For this principal development role, with 6+ years of experience, the compensation range is $5,000 - $9,500 USD based on experience level per month and in gross amount. This range acknowledges the extensive expertise, leadership capabilities, and significant contributions expected at this level, offering a competitive salary to reflect the value of advanced skills and experience About the Role: We are seeking a hands-on, high-impact Senior Security Infrastructure Engineer to help strengthen Sezzle’s security posture across cloud infrastructure, applications, and developer workflows. This role is ideal for someone who thrives in a fast-paced environment and wants to work on real-world security problems at scale. As a Senior Security Infrastructure Engineer, you will have a high degree of ownership and autonomy to identify risks, investigate issues, and drive meaningful security improvements across our systems. You will work across vulnerability management, detection engineering, supply chain security, and incident response - partnering closely with engineering teams to ensure security is practical, effective, and embedded into how we build and operate systems. You should consider yourself a DOer - someone who is comfortable diving into logs, analyzing systems, validating findings, and working end-to-end to get issues resolved. We value engineers who bring strong technical depth, good judgment, and the ability to turn security insights into actionable outcomes. This role offers the opportunity to shape and scale security capabilities, including detection systems, supply chain risk controls, and security automation. With the support of modern tooling (including AI where appropriate), you will play a key role in improving efficiency, visibility, and resilience across the organization. This role combines hands-on security operations with exploratory and design work. You will spend significant time investigating and resolving real-world issues, while also researching, evaluating, and building new security capabilities across areas like detection, supply chain security, and data protection. What You’ll Do: Lead and operate vulnerability management across infrastructure, platforms, and applications - including internal scans, dependency analysis, and external findings, validating true positives and driving remediation with engineering teams Build, operate, and mature SIEM/XDR capabilities, including log ingestion, detection rule development, alert tuning, and investigation workflows Investigate and respond to security incidents across cloud infrastructure and applications, performing root cause analysis and driving long-term fixes Design and implement detection strategies for suspicious activity, including data exfiltration patterns using application and database telemetry Lead and contribute to threat modeling exercises and security design reviews to identify risks early and strengthen architecture Apply deep expertise in AWS and Kubernetes to design, secure, and improve resilient and secure cloud infrastructure at scale Drive infrastructure and CI/CD hardening initiatives, with a focus on reducing software and container supply chain risk Lead efforts to implement and improve dependency and container supply chain risk detection systems and controls Partner closely with engineering teams to remediate vulnerabilities and improve secure development and deployment practices Support and implement security controls aligned with PCI DSS, SOC 2, and other compliance requirements Develop and implement automation (including AI where appropriate) to improve efficiency in security operations, detection, and response Triage and validate external security findings, distinguishing true positives and coordinating remediation What We Look For: 6+ years of experience in security, software, or infrastructure engineering, with hands-on experience securing cloud-based production systems and working with real-world security challenges Experience contributing to threat modeling and security design reviews for modern systems Strong hands-on experience in vulnerability management, including scanning, triage, validation, remediation coordination, and verification Experience working with SIEM platforms (e.g., Wazuh, Splunk, ELK) for detection engineering, monitoring, and incident response Practical experience triaging findings from vulnerability scanners and bug bounty programs Strong knowledge of AWS, Linux, and Kubernetes infrastructure, including security architecture, hardening, and operational best practices Experience improving infrastructure security, including CI/CD hardening and mitigating software supply chain risks Experience with container and dependency security tools (e.g., Snyk, Trivy, Grype, etc.) Ability to investigate issues directly using logs, cloud tooling, and system-level data Knowledge of common security vulnerabilities and mitigation strategies (OWASP, SANS, etc.) Working knowledge of compliance frameworks such as PCI DSS and SOC 2 Demonstrated experience working with Claude or equivalent large language model tools is required; candidates must be comfortable leveraging AI to enhance productivity, research, and communication. Preferred Knowledge and Skills: Experience designing and tuning detection rules, reducing alert noise, and improving investigation workflows Strong understanding of cloud-native security controls, including IAM, network segmentation, and container security Familiarity with log-based detection, telemetry pipelines, and security analytics use cases Experience designing secure CI/CD workflows that reduce exposure to vulnerable dependencies and untrusted artifacts Ability to assess application and infrastructure risk and translate findings into actionable improvements Experience aligning technical security work with regulatory and compliance expectations Experience using automation and AI to reduce manual effort and improve consistency at scale About You: You think proactively about security and work to address risk early through clear design feedback and practical engineering solutions You bring strong cloud and infrastructure judgment, especially in AWS and Kubernetes environments You raise the bar on hardening and operational discipline, especially in CI/CD and supply chain security practices You approach security monitoring with an investigator’s mindset and can turn telemetry into meaningful detection and response outcomes You are excited to use automation and emerging technologies (including AI) to automate repetitive security work and improve team effectiveness You balance strong security standards with business needs and can support privacy and compliance requirements in a practical, scalable way You have relentlessly high standards - many people may think your standards are unreasonably high. You are continually raising the bar and driving those around you to deliver great results. You make sure that defects do not get sent down the line and that problems are fixed so they stay fixed. You’re not bound by convention - your success—and much of the fun—lies in developing new ways to do things You need action - speed matters in business. Many decisions and actions are reversible and do not need extensive study. We value calculated risk-taking. You earn trust - you listen attentively, speak candidly, and treat others respectfully. You have backbone; disagree, then commit - you can respectfully challenge decisions when you disagree, even when doing so is uncomfortable or exhausting. You have conviction and are tenacious. You do not compromise for the sake of social cohesion. Once a decision is determined, you commit wholly. You deliver results - you focus on the key inputs and deliver them with the right quality and in a timely fashion. Despite setbacks, you rise to the occasion and never settle. Sezzle’s Technology Stack: Languages: Golang, Typescript, Python Frontend: Typescript - React and React Native Backend: Golang Database: MySQL, Postgres, Elasticsearch DevOps & Cloud: AWS, Kubernetes Version Control: Git CI/CD: Gitlab Testing: Developer and AI-driven, focus on automated end-to-end, integration, and unit tests Open Source: Sezzle is focused on using open source, and we build what we can before buying! What Makes Working at Sezzle Awesome? At Sezzle, we are more than just brilliant engineers, passionate data enthusiasts, out-of-the-box thinkers, and determined innovators; we are skilled musicians, yogis, cyclists, chefs, golfers, dog-lovers, and rock-climbers. We believe in surrounding ourselves with not only the best and the brightest individuals, but those that are unique and purpose-driven in all that they do. Our culture is not defined by a certain set of perks designed to give the illusion of the traditional startup culture, but rather, it is the visible example living in every employee that we hire. #Li-remote #full-time