Software Engineer - Security

OVERVIEW

This position can be based out of San Francisco, New York, or remote (we accept candidates from many states).

Modern Treasury’s mission is to build the most trusted financial infrastructure for global money movement. We’re looking for a Security Engineer to design and strengthen the controls that protect our payment infrastructure. You’ll enable as well as build secure, compliant financial products while contributing directly to the reliability and automation of our security and Dev Ops systems.

Modern Treasury is expanding deeper into money movement. We’re building new products that will let customers move funds across both traditional rails and emerging technologies, including stable coins. You’ll help design, deploy and operate the security controls that make this possible and set the foundation for compliant, programmable money movement at scale.

This role is a hands‑on devops and security engineering with heavy focus on automation.

This role focuses on application, product, and infrastructure security, and sits at the intersection of security, platform, payments engineering, and infrastructure. You’ll shape how Modern Treasury manages risk at scale and design the systems that make programmatic, compliant money movement possible. We are looking for someone who can influence security strategy, drive Dev Sec Ops  automation and contribute to architectural design.

Your work will ensure that as we grow into new products and payment rails, we continue to move fast while keeping trust, compliance, and safety at the core of our platform.

• Lead application security across our payment platform, including secure code review, threat modeling, and security architecture for new products
• Own product security for new payment rails, including FBO account structures, stablecoin integration, and enhanced compliance features
• Design and implement Dev Sec Ops  tooling and automation to improve security posture across CI/CD and infrastructure
• Partner with engineering teams to embed security into the development lifecycle through automation, secure design patterns, and security champions
• Drive security architecture decisions for customer-facing APIs, authentication systems, and data protection controls
• Build monitoring and detection capabilities for application-layer threats, API abuse, and fraud patterns
• Design infrastructure monitoring, automation, and remediation practices that keep our systems resilient and trustworthy
• Collaborate with Compliance and Legal to ensure product features meet regulatory requirements (BSA/AML, KYC/KYB, state money transmission)
• Influence technical strategy across Product, Platform, and Infrastructure teams on security and risk management

• 7+ years in Devops with a focus on security engineering, with 3+ years focused on application and product security
• Strong experience with:
  • Full-stack application security (frontend, backend, APIs)
  • Authentication and authorization systems and identity management
  • Dev Ops or infrastructure automation related to security (AWS, Docker, CI/CD pipelines)
  • Fraud detection, prevention, and abuse mitigation in payment or financial products
  • Secure SDLC practices and developer security tooling
• Experience with incident response and security monitoring
• Knowledge and experience with application security for Ruby on Rails, Graph
  
  QL, JavaScript, React, and containerized environments
• Payments engineering experience, ideally including fraud prevention and risk controls in money movement systems

• 2+ years in payments or fintech, with a deep understanding of money movement security challenges
• Familiarity with compliance and regulatory standards for money movement, such as PCI DSS, BSA/AML, and KYC/KYB
• Experience with payment processing security across ACH, wires, card networks, and emerging rails
• Experience building controls for fraud detection, chargeback prevention, and abuse mitigation in payment systems
• Experience integrating security into Dev Ops workflows (e.g., Buildkite, IaC, AWS security automation)
• Experience with stablecoin security, blockchain integrations, or crypto payment rails
• Track…