Senior Security Engineer

### About Loancrate Loancrate is dedicated to simplifying and reducing costs in the home-buying process for both lenders and borrowers. We aim to revolutionize the mortgage industry with AI-native tools that automate workflows, ultimately striving for fully automated origination, which could save lenders over $16 billion annually. ### The Opportunity We are seeking a **Senior Security Engineer** who will enhance Loancrate's security without hindering development. In this role, you will create systems, guardrails, and tools to identify issues early, establish secure defaults, and allow engineers to work efficiently while ensuring safety. This position involves working with sensitive personal and financial data, emphasizing that security is a facilitator, not a barrier. ### What To Expect As a Senior Security Engineer, you will quickly engage with our codebase and infrastructure. Within your first month, you will: - Conduct a comprehensive threat model of our application and infrastructure, identifying gaps and creating a remediation roadmap. - Harden our AWS infrastructure, focusing on IAM least-privilege, secrets management, and network segmentation while maintaining developer workflow efficiency. - Integrate security tooling into our CI/CD pipeline, including SAST, dependency scanning, and secret detection to catch issues pre-deployment. - Collaborate with engineering on our SOC 2 Type II compliance, ensuring that good security practices naturally lead to compliance. - Develop secure-by-default patterns and libraries to streamline security for teams. If you have experience in fintech or a regulated industry and are eager to innovate in security practices, we want to hear from you!