Interface AI
Lead Security Engineer
Job Summary
The Lead Security Engineer role involves designing and enforcing security best practices across application and cloud environments, including threat modeling, code reviews, and vulnerability management. The position requires collaboration with engineering, product, and compliance teams to embed security into the development lifecycle and infrastructure. Candidates should have extensive experience in security engineering, particularly in application and cloud security, and be proficient with security tools, programming languages, and cloud services like AWS. The role emphasizes a proactive, developer-centric approach to security, supporting compliance and promoting security automation and best practices.
Required Skills
Benefits
Job Description
interface.ai is the industry's-leading specialized AI provider for banks and credit unions, serving over 100 financial institutions. The company's integrated AI platform offers a unified banking experience through voice, chat, and employee-assisting solutions, enhanced by cutting-edge proprietary Generative AI.
Our mission is clear: to transform the banking experience so every consumer enjoys hyper-personalized, secure, and seamless interactions, while improving operational efficiencies and driving revenue growth.
interface.ai offers pre-trained, domain-specific AI solutions that are easy to integrate, scale, and manage, both in-branch and online. Combining this with deep industry expertise, interface.ai is the AI solution for banks and credit unions that want to deliver exceptional experiences and stay at the forefront of AI innovation.
About the Role
We are seeking a Lead Security Engineer to own and scale our Application and Cloud Security programs. You will be responsible for designing and enforcing security best practices across our codebase, cloud infrastructure, development lifecycle, and production environments.
This role will partner closely with engineering, product, and compliance teams to embed security into every stage of our build, deploy, and delivery processes. You are expected to drive a shift-left security culture, where secure design, secure development, and proactive detection are core to how we build and operate.
Key Responsibilities
Application Security
- Perform security assessments across our application stack, including threat modeling, code reviews, dynamic scanning, and penetration testing.
- Build and maintain secure SDLC practices, including integration of security checks into CI/CD pipelines.
- Guide teams in secure design patterns, including secure authentication, input validation, access control, session management, and secure storage.
- Continuously monitor and remediate vulnerabilities in source code and dependencies (SCA, SAST, DAST).
- Partner with engineering teams to define and enforce coding standards aligned with OWASP and CWE guidelines.
Cloud & Infrastructure Security
- Design and maintain secure configurations for AWS environments, including networking, identity management (IAM), encryption, and logging.
- Implement and manage security services such as GuardDuty, Inspector, Security Hub, and other cloud-native tools.
- Define and enforce infrastructure-as-code (IaC) security controls using tools such as Terraform, CloudFormation, or policy-as-code frameworks (e.g., OPA, Sentinel).
- Lead efforts in runtime protection, including workload scanning, intrusion detection, and anomaly alerting.
- Ensure centralized, secure log collection, monitoring, and alerting across all infrastructure components.
Security Architecture & Best Practices
- Champion a shift-left approach to security—collaborating with developers early in the SDLC and providing actionable feedback during design, build, and review phases.
- Collaborate with product managers and infrastructure leads to ensure security is embedded into architectural decisions, particularly for high-risk features or regulated workflows.
- Define and promote secure defaults, least-privilege access, and zero-trust architectural principles.
- Ensure strong key management and encryption standards are applied across data at rest, in transit, and in use.
Governance, Risk & Compliance
- Support compliance initiatives by building and documenting enforceable security controls.
- Work with auditors and risk teams to demonstrate maturity of security processes and ongoing improvements.
- Establish internal security policies, operational procedures, and regular audit activities.
What We Expect
- Lead the adoption of security by design across engineering functions.
- Embed continuous security testing into our CI/CD pipelines.
- Maintain a developer-centric approach to security—minimizing friction while enforcing strong protections.
- Build scalable policies and automation for secrets management, code signing, and environment hardening.
- Keep pace with evolving security threats, technologies, and tools, proactively updating controls and detection mechanisms.
- Represent security posture to executive and customer stakeholders with clarity and confidence.
What You Bring
Required
- 6+ years of experience in security engineering with a primary focus on application and cloud security
- Proficiency with programming languages like, Java, Python, JavaScript and web technologies (e.g., HTML, CSS, SQL).
- In-depth knowledge of application security vulnerabilities, threat modeling, and SDLC integrations
- Deep familiarity with Cloud security architecture and services (AWS - IAM, VPC, KMS, GuardDuty, CloudTrail, etc.)
- Experience with DevSecOps tools and practices, including SAST, DAST, container scanning, and infrastructure scanning
- Hands-on experience in implementing industry best practices in access control, encryption, and security observability
- Excellent communication skills, with the ability to collaborate across engineering, product, and compliance teams
- Bachelor's degree in Computer Science, Information Security, or a related field.
Preferred
- Experience in high-compliance industries such as financial services, healthcare, or government
- Familiarity with policy-as-code, secrets management tools, and container security
- Certifications such as OSCP, AWS Security Specialty, or CISSP
Why Join Us
- Security is not a checkbox—it is fundamental to our success and product trust.
- You will be empowered to define best-in-class standards that scale across financial AI products, and dynamic customer environments.
- You will work in an organization that values speed and security, backed by a world-class engineering team and product-first culture.
At interface.ai, we are committed to providing an inclusive and welcoming environment for all employees and applicants. We celebrate diversity and believe it is critical to our success as a company. We do not discriminate on the basis of race, color, religion, national origin, age, sex, gender identity, gender expression, sexual orientation, marital status, veteran status, disability status, or any other legally protected status. All employment decisions at Interface.ai are based on business needs, job requirements, and individual qualifications. We strive to create a culture that values and respects each person's unique perspective and contributions. We encourage all qualified individuals to apply for employment opportunities with Interface.ai and are committed to ensuring that our hiring process is inclusive and accessible.
Interface AI
Interface AI is the industry's-leading specialized AI provider for banks and credit unions, serving over 100 financial institutions. The company's integrated AI platform offers a unified banking experience through voice, chat, and employee-assisting solutions, enhanced by cutting-edge proprietary Generative AI
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.