Staff Security Engineer
Company: Parafin
Location: San Francisco
Posted on: April 1, 2026
|
|
|
Job Description:
About Us: At Parafin, we’re on a mission to grow small
businesses. Small businesses are the backbone of our economy, but
traditional banks often don’t have their backs. We build tech that
makes it simple for small businesses to access the financial tools
they need through the platforms they already sell on. We partner
with companies like DoorDash, Amazon, Worldpay, and Mindbody to
offer fast and flexible funding, spend management, and savings
tools to their small business users via a simple integration.
Parafin takes on all the complexity of capital markets,
underwriting, servicing, compliance, and customer service for our
partners. We’re a tight-knit team of innovators hailing from
Stripe, Square, Plaid, Coinbase, Robinhood, CERN, and more — all
united by a passion for building tools that help small businesses
succeed. Parafin is backed by prominent venture capitalists
including GIC, Notable Capital, Redpoint Ventures, Ribbit Capital,
and Thrive Capital. Parafin is a Series C company, and we have
raised more than $194M in equity and $340M in debt facilities. Join
us in creating a future where every small business has the
financial tools they need. About the Position We’re looking for an
experienced security-focused engineer to help shape and scale
Parafin’s security posture across our cloud and platform
environments. Our Security and Infrastructure team owns the
foundational systems that power all of Parafin — from compute and
networking to identity and compliance — and you’ll play a central
role in ensuring those systems are secure, reliable, and compliant.
In this role, you’ll design and operate controls, tooling, and
processes that keep our infrastructure resilient and compliant
while enabling developers to move quickly and safely. You’ll
partner closely with teams across engineering and compliance to
strengthen how we manage access, secure applications, monitor
threats, and respond to incidents. What You’ll Be Doing Lead
efforts to improve Parafin’s overall security posture across
infrastructure, applications, and data systems. Develop and
maintain frameworks for identity, access management, and
least-privilege enforcement. Establish and operate best-in-class
security monitoring, alerting, and incident response processes.
Partner with product and infrastructure engineers to embed
secure-by-default patterns in our systems and applications. Define
and enforce standards for vulnerability management, secrets
handling, and dependency integrity. Collaborate with compliance and
risk teams to build and maintain controls aligned with frameworks
such as SOC 2, PCI DSS, and other fintech regulations. Support
audits and security assessments by ensuring controls are properly
implemented and evidenced. Contribute to security awareness and
training efforts across engineering teams. Influence long-term
strategy on secure architecture, detection, and response
automation. What We’re Searching For 8 years of experience in
security operations or application security, preferably in a
cloud-native and regulated environment. Strong understanding of AWS
security, including IAM, VPC, and network segmentation best
practices. Experience with threat detection and response,
vulnerability management, and incident response workflows.
Familiarity with Kubernetes and container security principles,
including RBAC, admission controls, and runtime monitoring.
Knowledge of compliance frameworks (SOC 2, PCI DSS, ISO 27001) and
how to operationalize them in engineering environments. Strong
communication and collaboration skills — comfortable working across
engineering, product, and compliance teams. We Prefer If You Have
Experience building or maturing a security operations or
application security program at scale. Background in security
automation, threat modeling, or secure architecture reviews.
Familiarity with developer-focused security enablement — e.g.,
SAST/DAST integration, dependency scanning, or security education.
Experience in regulated or fintech environments where security and
speed must coexist. What We Offer Salary Range: $235k - $280k
Equity grant Medical, dental & vision insurance Unlimited PTO Work
From Home flexibility Commuter benefits Free lunches Paid parental
leave 401(k) Employee assistance program If you require reasonable
accommodation in completing this application, interviewing,
completing any pre-employment testing, or otherwise participating
in the employee selection process, please contact us.
Keywords: Parafin, Castro Valley , Staff Security Engineer, IT / Software / Systems , San Francisco, California
