About the Team/Role
We’re the Global Information Security Team at WEX, responsible for implementing and operating security technologies and processes throughout WEX. We partner closely with internal teams and customers to assure WEX operates in a secure and compliant manner. Our team holds itself to a high-standard and we collaborate closely with one another to ensure
strong, reliable and effective relationships. We own our results and we take pride of ownership in everything we do.
We need help!
Changing the world isn’t easy, and we have a lot of work ahead of us. From securing applications, data centers and cloud resources, we’ve got more work than we can handle and we’re looking for great people to come along for the ride. We are looking for an application security engineer is responsible for ensuring the secure function of software security and familiarity with multiple general security practices and toolsets
How you'll make an impact
Culturally, you’re:
A highly motivated security engineer who loves working on small, high performing teams that interface with the entire enterprise
A collaborative, solid communicator who works well with your team and stakeholders to drive projects from inception to completion
Someone who cares deeply for team results but is able to work independently to deliver high quality solutions for projects and operational tasks
Comfortable balancing the need to move fast with the realities of working in a highly regulated organization
Someone who thrives in situations where details and accuracy are vital
A skilled worker that has the motivation, expertise, and work ethic to operate independently across global time zones, and who is able to complete tasks and deliverables with minimal oversight
Work closely with Enterprise IT teams on securing Wex's infrastructure and applications
Able to mentor other engineers both technically and professionally
Technically, you:
Engineer, implement, and monitor security measures to protect the enterprise
Configure and troubleshoot security infrastructure devices
Regularly review configurations and develop improvement plans
Develop technical solutions and new security tools to help mitigate security findings
Write comprehensive reports including assessment-based findings, outcomes and recommendations for security enhancement.
Have a general background in IT, Security, and supporting processes
Deep experience working with compliance and regulatory frameworks such as PCI-DSS, HIPAA/HITRUST, SOX, GDPR, NIST, etc.
Experience you’ll bring
Have 3-5 years of experience in Enterprise Information Security Engineering
Have 3-5 years of broad experience with security technologies such as NextGen AV (EDR), DLP, email security (SPF, DMARC, DKIM), web filtering, HSM, Key and Certificate management, or Identity and Access Management
Have a strong, practical understanding of modern cloud IT infrastructure, networking, and security engineering concepts
Are able to troubleshoot network and security issues within a complex environment
Have 3-5 years of experience in engineering solutions which meet security, compliance, and business needs
Can commit and deliver on very specific project/delivery timelines with minimal supervision
Are able work in an on-call rotation which may include some night and weekend shifts
Have excellent customer support skills, both written and verbal
Have 3-5 years of experience Linux and Unix operating systems
Have 3-5 years of experience with securing applications and enabling secure communication through HTTPS
It would be nice if you
Have cloud experience with AWS and Azure
Experience working with AI/LLM Security
Experience working with Splunk
Experience working with CrowdStrike
Experience with automation technologies (SOAR) and writing code for automation
Experience working with Fortanix, Venafi, or similar