Senior Security Engineer & Identity Engineer

About this position:

As a Senior Security Engineer at Later, you will play a critical role in strengthening and scaling the security foundations that power our platform. This role blends deep security expertise with hands-on engineering, with a particular focus on identity and access management, authentication systems, and secure-by-design development practices.

You’ll partner closely with Engineering, Infrastructure, and Product teams to embed security into our CI/CD pipelines, internal platforms, and customer-facing systems—enabling teams to move quickly while keeping our systems, data, and users safe. This is a high-impact individual contributor role for someone who thinks like a defender, builds like a software engineer, and leads through influence.

What you'll be doing:

Strategy

• Assess and continuously improve Later’s security posture across applications, infrastructure, and development workflows
• Define and implement scalable security standards, guardrails, and best practices that support compliance through automated and auditable solutions
• Partner with Engineering and Product leadership to align security priorities with business objectives and delivery timelines
• emerging risks and proactively design systems and processes that reduce long-term exposure

 

Technical/ Execution

• Own identity and access management across Later’s platform, including authentication, authorization, and secure machine-to-machine (M2M) processes
• Design, implement, and maintain secure authentication systems for both internal tools and customer-facing experiences
• Harden login systems, establish consistent authentication patterns across services, and ensure secure integration between tools
• Build and maintain internal security tooling to support secure development, operational visibility, and compliance workflows
• Embed security controls into CI/CD pipelines, including SAST, DAST, SCA, container scanning, secret management, and secure build/deploy practices
• Partner with engineering teams to identify vulnerabilities, clearly communicate risk and impact, and drive effective remediation

Team / Collaboration

• Provide pragmatic, solution-oriented security guidance during system design and architecture reviews
• Collaborate cross-functionally to embed security into development workflows without slowing delivery
• Translate complex security concepts into clear, actionable recommendations for both technical and non-technical stakeholders
• Act as a trusted partner to engineering teams, balancing risk mitigation with business enablement

Leadership

• Lead by influence—raising the security bar through standards, tooling, and mentorship
• Set a high standard for secure engineering practices and help others level up their security mindset
• Model accountability, ownership, and transparency in security decisions

Research/Best Practices

 

• Stay current on application security, cloud security, and identity best practices
• Apply industry frameworks (e.g., OWASP, NIST, CIS Controls) pragmatically within production environments
• Continuously evaluate and improve identity architecture and security automation to scale with the business

Nice to have:

• Experience designing or migrating identity architecture at scale
• Experience building internal developer security tooling
• Experience working in a high-growth technology environment

What success looks like:

• Identity and access management is secure, scalable, and consistently implemented across the platform
• Security controls are embedded into CI/CD pipelines, reducing manual effort and improving detection and prevention
• Engineering teams proactively consider security in their designs and view security as an enabler—not a blocker
• Vulnerabilities are identified early, clearly prioritized, and remediated efficiently
• Compliance frameworks (e.g., SOC 2, ISO 27001) are supported through automation and well-defined processes
• Later’s overall security posture measurably improves while maintaining speed of product delivery

What you bring:

• 5–7+ years of experience as a Security Engineer or Software Engineer with a strong security focus
• Proven experience building and operating production-grade software, systems, or internal tooling
• Strong background in application security, infrastructure security, and secure CI/CD practices
• Hands-on experience with identity and access management, including authentication systems, authorization frameworks, and machine-to-machine security patterns
• Experience applying security frameworks such as OWASP, NIST, or CIS Controls in real-world production environments
• Familiarity with cloud security tooling (AWS Security Hub, Azure Security Center, or GCP Security Command Center), SIEM/SOAR tools, and Infrastructure-as-Code security scanning (Terraform, CloudFormation)
• Experience supporting compliance frameworks such as SOC 2 and ISO 27001
• Familiarity with modern backend systems (including C#) and cloud-native architectures
• Demonstrated ability to collaborate cross-functionally and influence engineering teams to improve security outcomes
• Strong communication skills with the ability to translate complex security concepts into clear, actionable guidance

How you work: 

• Driven by Impact: You deliver results that matter—prioritizing high-value work, meeting deadlines, and adapting quickly while keeping outcomes clear.
• Strategic & Customer-Centric: You anticipate risks and opportunities, connect decisions to long-term growth, and build trust through proactive insights.
• Curious & Growth-Oriented: You seek knowledge, ask sharp questions, and apply learnings fast—challenging the status quo with a mindset of improvement.
• Collaborative & Resilient: You thrive in change by staying resourceful, solution-focused, and positive—removing roadblocks, sharing insights, and keeping morale high.
• Accountable & Honest: You own your work, hold yourself and others to a high bar, and use transparent feedback to drive growth.
• Emotionally Intelligent: You build trust through empathy and collaboration, foster inclusion, and inspire others with grit, optimism, and integrity.

Our approach to compensation:

We take a market-based & data-driven approach to compensation. We leverage data from trusted third-party compensation sources to help us understand the market value of a role based on function, level, geographic location, and scope. We evaluate compensation bi-annually, including performance and market-related factors.

Our salaries are benchmarked against market Total Cash Compensation for the geographic location of our job posting. Compensation for some roles is structured as On Target Earnings (OTE = base + commission/variable) while for others it is structured as Salary only.

To comply with local legislation and ensure transparency, we share salary ranges on all job postings. Skills, experience and other factors help determine the final salary we offer which may vary from the original range posted. 

Additionally, all permanent team members are eligible to participate in various benefits plans as part of their overall compensation package.

Salary Range: 

$ 145,000 - 175,000 

 #LI-Remote