Senior Platform Security Engineer
Monstro · New York City, Hybrid
Hybrid$185–232k
senior
security engineer
Apply on Monstro →
About Monstro
Monstro is the operating system for governed financial intelligence. We build governance and intelligence infrastructure that enables artificial intelligence to operate safely, explainably, and at institutional scale.
We exist because the level of financial guidance historically available to a small group should be accessible to many more people. By combining AI with deep institutional infrastructure, we help financial institutions deliver more personalized, responsible, and life-changing financial support to millions of individuals.
We’re building mission-critical systems in a highly regulated domain, and we care deeply about doing it right. If you’re motivated by meaningful problems, high standards, and shaping infrastructure that improves financial outcomes, you’ll feel at home here.
About the Role
We're looking for a Senior Platform Security Engineer to help build and secure the infrastructure that powers Monstro's AI platform. This is a hands-on engineering role focused on creating reliable, scalable, and secure systems while embedding security throughout the software development lifecycle.
You'll sit at the intersection of platform engineering, cloud infrastructure, security operations, and compliance. Your mission is to build and maintain scalable, secure, and compliant infrastructure that enables engineering teams to move quickly with confidence. Alongside building and securing our platform, you'll help mature the controls, processes, and evidence required to support compliance initiatives such as SOC 2 and ISO 27001 as Monstro continues to scale. Working with financial institutions requires a high bar for security, governance, and operational resilience, and you'll play a critical role in ensuring our infrastructure meets those expectations without compromising engineering velocity.
As we continue to scale our platform and expand our regulated AI infrastructure, you'll play a key role in designing deployment pipelines, automating infrastructure, strengthening security controls, and driving operational excellence across our cloud environments. You'll help build the technical foundations that allow Monstro to remain secure, compliant, and audit-ready while supporting the rapid development and deployment of AI-powered products.
This is not a role where security operates separately from engineering. We believe the strongest security posture is built into the platform from day one. You'll work closely with software engineers, product teams, and leadership to establish DevSecOps practices that support both innovation and trust.
Security is a strategic priority at Monstro. As a company building infrastructure for financial institutions, we operate in an environment where trust, resilience, and compliance are foundational to our success. This role will have meaningful visibility and influence across the organization, helping shape the systems, controls, and operational practices that protect both our platform and our customers while enabling engineering teams to move quickly and safely.
No two days look the same. You may be improving Kubernetes deployment workflows in the morning, responding to a security alert in the afternoon, helping prepare evidence for a compliance review, and designing infrastructure improvements that reduce operational risk before the day is done.
What You'll Own
Platform Engineering & Infrastructure
Design, build, and maintain scalable cloud infrastructure across GCP and supporting cloud platforms
Implement and manage infrastructure-as-code using Terraform. Experience with Terraform is preferred, though equivalent experience with infrastructure automation tools such as Pulumi, CloudFormation, Ansible, or similar technologies is also valued.
Manage containerized environments and orchestration platforms including Docker and Kubernetes
Drive reliability, performance, and scalability improvements across production systems
Support disaster recovery, business continuity, and infrastructure resilience initiatives
Partner with engineering teams to improve developer experience and deployment velocity
Partner with AI and product engineering teams to build the infrastructure foundations for agentic systems, enabling secure, scalable, and reliable deployment of AI-powered workflows and services.
DevOps & CI/CD
Design, implement, and optimize CI/CD pipelines using GitHub Actions, GitLab CI, Jenkins, Azure DevOps, or similar technologies
Automate build, testing, deployment, and operational workflows to reduce manual effort and improve consistency
Champion GitOps and infrastructure automation practices across engineering teams
Establish monitoring, observability, and alerting frameworks using tools such as Prometheus, Grafana, Datadog, and ELK
Improve deployment reliability and operational metrics through continuous platform enhancements
Security Operations & Governance
Embed security controls throughout the software development lifecycle through a DevSecOps approach
Manage vulnerability scanning, remediation programs, and patch management processes
Implement and maintain security monitoring, SIEM tooling, intrusion detection, and threat detection capabilities
Manage secrets, credentials, certificates, and key management systems
Lead incident response activities, root cause investigations, and post-incident reviews
Conduct threat modelling and security risk assessments for new and existing systems
Partner with engineering teams to improve security awareness and secure development practices
Cloud Security & Compliance
Apply cloud security best practices including least-privilege access controls, encryption, and network segmentation
Design and maintain secure networking architectures including VPCs, VPNs, firewalls, load balancers, and zero-trust controls
Support compliance initiatives aligned to frameworks such as SOC 2, ISO 27001, CIS Benchmarks, NIST, and GDPR
Contribute to audit readiness activities and remediation efforts
Help ensure Monstro's infrastructure meets the security expectations required within regulated financial environments
Collaboration & Engineering Excellence
Work closely with engineering, product, and leadership teams to build a security-first engineering culture
Maintain high-quality technical documentation including runbooks, architecture diagrams, operational procedures, and security policies
Lead and participate in on-call rotations and operational incident management
Mentor engineers and contribute to knowledge sharing across the organization
Help establish best practices that improve reliability, security, and operational maturity as we scale
What We're Looking For
7–10+ years of experience in Platform Engineering, DevOps, Site Reliability Engineering, Security Engineering, or related infrastructure roles
Proven experience owning and operating production cloud infrastructure in business-critical environments
Deep expertise designing and maintaining secure, scalable, and highly available systems on GCP; experience with Azure or AWS is a plus
Strong hands-on experience with Kubernetes, container orchestration, and container security in production environments
Significant experience building and managing CI/CD pipelines and deployment automation using tools such as GitHub Actions, GitLab CI, Jenkins, or Azure DevOps
Expert-level knowledge of Infrastructure-as-Code practices using Terraform, Ansible, Pulumi, or similar technologies
Experience embedding security controls throughout the software development lifecycle and driving DevSecOps practices across engineering organizations
Strong understanding of cloud security architecture, identity and access management, secrets management, network security, encryption, and zero-trust principles
Hands-on experience operating production systems, including monitoring, alerting, observability, incident response, vulnerability management, SIEM tooling, threat detection, and SRE best practices.
Experience supporting compliance and governance initiatives aligned with frameworks such as SOC 2, ISO 27001, NIST, CIS Benchmarks, or similar standards
Strong scripting and automation skills using Python, Bash, or equivalent technologies
Demonstrated ability to lead complex infrastructure, reliability, or security initiatives from design through implementation
Comfortable operating with a high degree of autonomy in a fast-moving environment where infrastructure, security, and engineering priorities evolve rapidly
A builder's mindset with strong ownership, sound judgment, and a bias toward practical solutions that balance security, reliability, and delivery velocity
Nice to Have
Experience working within fintech, BankingTech, AI infrastructure, or other highly regulated industries
Why Monstro?
Ownership & Impact: Shape the future of AI-powered finance—building a category-defining product used by consumers and institutions around the world.
Experienced Team: Join a team with leadership that has a track record of scaling companies from early stage to major exits.
Principles-Driven Culture: Work in a culture that values speed, ownership, and impact—what most companies achieve in 90 days, we do in 45.
Comprehensive Compensation Package: Competitive salary, equity, and robust benefits package, including paid health, vision, dental, and disability coverage.
Base Compensation Range (New York City): $185,000 - $232,000
Final compensation will depend on a variety of factors, including experience, skills, internal leveling, and market conditions, and will be offered within the stated range in accordance with applicable pay transparency laws.
A Note on Interviewing
We sometimes use AI note-takers to help us transcribe interview notes, so we can be more present in your interview. If you'd like to opt out of us using automatic transcribers, please note this in the free text field in your application, otherwise we'll take your application as confirmation that you're happy for us to use note-takers (whether added to video calls or in the background).
Ready to Build With Us?
If you're excited to contribute to a high-bar team building something meaningful, we'd love to hear from you.
Posted 2026-06-23