Senior Cloud Security Engineer

At Mercury, we believe that good security is a journey rather than a destination which is really another way of saying that security is an ongoing process and not a one time task. Even continual processes have an outcome or product and for us that outcome is trust. When we do our jobs right we deliver trust to internal stakeholders and ultimately to the customer. Trust that Mercury is protecting their assets and privacy and that we are reliable platform to run their business on. Being on the Information Security (InfoSec) team at Mercury means you will be instrumental in building and maintaining that trust through secure process and system design.

Protecting our customer’s security and privacy is a top priority. We're all about using the latest technology to do things smarter. That's why we need a Cloud Security Engineer. This person will be our go-to for making sure our cloud setup is securely maintained while minimizing friction for internal teams. The ideal candidate should be ready and willing to come up with innovative solutions leveraging the newest technologies to address the unique problems they encounter. We work with teams across the enterprise to solve security, privacy, and compliance challenges so be ready to collaborate.

In a world where security risks are always changing, having a Cloud Security Engineer on board is crucial. Come be the hero who helps us stay safe and maintains trust with our customers.

As part of this role, you will:

• Help build and define cloud security posture. Enable cyber resilience. Help with zero trust initiatives.
• Have an understanding of Governance, Risk and Compliance as it relates to cloud engineering
• Work with the infrastructure team to improve the overall reliability and security of our cloud infrastructure
• Automate cloud security controls to ensure threat, vulnerabilities and risk are minimized
• Implement and maintain AWS well architected framework
• Work with teams throughout Mercury to address remote access challenges in a remote first environment
• Work with teams and stakeholders throughout Mercury to address security concerns in the cloud.

The ideal candidate for the role:

• 5+ years relevant experience
• Must possess a strong desire to learn and grow and proven track record of doing so.
• Familiarity with standard security frameworks and privacy regulations (NIST CSF, FFIEC, SOX, SOC2, GLBA, ISO27018, PCI-DSS, etc.)
• Must have strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations.
• Must have a fundamental understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support.
• AWS certifications are encouraged
• Have familiarity with infrastructure as code (IaC) tooling 

If this role interests you, we invite you to explore our public demo at demo.mercury.com. 

The total rewards package at Mercury includes base salary, equity (stock options), and benefits. Our salary and equity ranges are highly competitive within the SaaS and fintech industry and are updated regularly using the most reliable compensation survey data for our industry. New hire offers are made based on a candidate’s experience, expertise, geographic location, and internal pay equity relative to peers.

Our target new hire base salary ranges for this role are the following:

• US employees in New York City, San Francisco, Los Angeles and Seattle: $188,500 - $221,800 USD
• US employees outside of New York City, San Francisco, Los Angeles and Seattle: $169,700 - $199,600 USD
• Canadian employees (any location): CAD 171,500 - 201,800

*Mercury is a financial technology company, not a bank. Banking services provided by Choice Financial Group and Evolve Bank & Trust, Members FDIC.

We use Covey as part of our hiring and / or promotional process for jobs in NYC and certain features may qualify it as an AEDT. As part of the evaluation process we provide Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound on January 22, 2024. Please see the independent bias audit report covering our use of Covey here.