Security Engineer

Forward Financing is a financial technology company based in Boston, Massachusetts with team members throughout the United States, Dominican Republic, and Canada. The company is on a mission to unlock the capital that fuels small businesses across America. Recognized as a Best Place to Work by Built In Boston and certified as a Great Place To Work®, Forward is investing in its employees, technology, and customer experience – with long-term success in mind every step of the way.

We are a rapidly growing fintech company on a mission to revolutionize small business lending, and we believe the strategic use of data and models is the key to achieving this goal. Our proprietary platform leverages data and technology to provide fast and flexible financing to underserved businesses across the country. Our Engineering team serves as a key driver of innovation.

We are seeking a highly experienced and proactive Security Engineer to join our team, helping us build and maintain the secure software that powers our Fin Tech product. In this role, you will be instrumental in ensuring proactive threat identification and response across our platforms.

In this role you will:

Design, architect, and implement scalable detection pipelines across various platforms, including cloud environments (AWS), endpoints, identity, DLP, and SaaS.

Mature our Security Information and Event Management (SIEM) and centralized logging capabilities, focusing on enrichment, correlation, and high-signal detections.

Develop detection-as-code practices and CI/CD pipelines for deploying and tuning detection logic.

Leverage infrastructure-as-code (IAC) technologies to establish automated security configurations for platform hardening and cloud-native control enforcement.

Collaborate closely with Information Security and peer partners like Engineering and IT to evaluate, advise on, and deploy new security technologies.

Partner with App Sec, offensive security, and Cloud Engineering teams to identify detection opportunities and test control efficacy.

Act as the Incident Commander of the Security Incident Response Team (SIRT), overseeing triage, containment, and forensics during investigations.

Contribute to the continuous improvement of our vulnerability management program by triaging issues and identifying gaps in pre-production versus post-production detection.

Ensure alignment to industry frameworks such as CIS Controls, ISO 27

XXX, and NIST, embedding defensible security practices across the stack.

Implement necessary security changes to support our Identity Governance Access (IAG) program and Role-Based Access Control (RBAC) models.

(Even if you don’t check every box, but see yourself contributing, please apply.)

Expertise in architecting and deploying detection pipelines across platforms like AWS, GCP, or Azure using tools such as Chronicle, Splunk, Panther, or open-source equivalents.

Typically has 7 or more years of experience in detection engineering, security operations, or a similar role.

Deep familiarity with adversary TTPs (MITRE ATT&CK), anomaly-based detection techniques, and event correlation strategies.

A strong red + blue team mindset; you think like an attacker and build defenses that go beyond surface-level detection.

Expertise in cloud control plane monitoring, identity threat detection, and infrastructure log analysis.

Ability to communicate detection priorities and incident insights to technical and non-technical stakeholders.

History of working on a Security Incident Response Team (SIRT) investigating events, triaging potential incidents, containing environments, and conducting forensics analysis.

Typically has a Bachelor's Degree in computer science, Mathematics, or equivalent technical degree; or equivalent industry experience.

Experience with modern programming languages such as Ruby, Java, Python, or Go.

Expertise in architecting and deploying detection pipelines across platforms like AWS, GCP, or Azure using tools such as Chronicle, Splunk, Panther, or open-source equivalents.

Significant experience in evaluating, running PoCs, and deploying new security tooling solutions.

Experience managing multiple AWS environments (VPCs, firewalls, IAM, Guard Duty, Cloud Trail, WAF).

Experience leading teams securing containerized services deployed in production on orchestration platforms such as Kubernetes.

Demonstrated understanding of modern microservices architectures, design patterns, resiliency techniques, and optimizations

Prior Devops or Software engineer experience is a plus

At Forward Financing, we're committed to fair and transparent compensation. We believe in providing a compensation package that recognizes your skills, experience, and the unique value you bring to our team. We take a market-based approach to pay, regularly reviewing benchmark data to ensure our compensation remains competitive, equitable, and aligned with our performance-driven culture.

Final offers are determined by a…