Senior Cyber Security Engineer

Are you ready to build the future of our company?

About Mercury® Financial

Mercury® Financial is an innovative and growing financial services company with locations in both Austin, TX and Wilmington, DE. Our mission is to help customers build and maintain their financial future by offering them credit cards they can afford and understand. After only a few years, we’ve had great success building a significant credit card program, but we are aiming higher, which  means we have lots of challenging problems for you to help us solve. Come onboard, work with some of the most talented individuals who thrive on collaboration and teamwork, and help us continue to build something special.

Location 

Mercury® Financial is headquartered in the progressive and entrepreneurial tech hub of Austin, Texas. Our physical location is situated in a beautiful park like setting called the Domain. The Domain's ideal location and exceptional amenities, amazing restaurant selection and convenient parking, are all perfect for after work happy hours!

Or, 

Mercury® Financials' Wilmington, Delaware office is located near the Riverfront. Wilmington is Delaware’s largest city and is the economic engine of the state. The Riverfront combines its rich history with a host of attractions that bring great food, entertainment, and shopping to our city. Based on its convenient location, direct access to I-95, Amtrak and SEPTA, this location allows our employees the flexibility to live in a variety of the surrounding areas.

What it’s like to work here: 

We foster a collaborative and innovative culture where you will be empowered to do your best work. All of our employees bring everything they have to their job and are part of a larger team working towards a greater goal. We do right by our employees, our partners, and our customers.

Summary:

We are seeking an experienced and detail-oriented Senior Cyber Security Engineer with an analytical mindset and deep expertise in cybersecurity methodologies, frameworks, and standards. The ideal candidate will be responsible for safeguarding our systems and infrastructure by identifying vulnerabilities, improving security controls, and managing key security tools and technologies. This role demands strong problem-solving skills, the ability to work under pressure, and a commitment to upholding security protocols within a fast-paced environment.

Job Duties:

Security Infrastructure Management:

• Design, implement, configure, and maintain security controls for networks, systems, applications, and data, ensuring they align with industry standards (NIST, ISO 27001, PCI-DSS, etc.)
• Manage security tools including Firewalls, Intrusion Detection and Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM), Internet Proxies, and Data Loss Prevention (DLP) solutions
• Monitor and tune security controls to improve overall security posture across cloud environments (AWS) and on-premises systems

Vulnerability and Risk Management:

• Lead vulnerability management programs by overseeing vulnerability scanning and coordinating remediation efforts with system owners, adhering to defined SLAs
• Conduct regular risk assessments and security audits, providing recommendations for mitigating risks, and report findings to senior leadership
• Collaborate with internal and external teams to manage security certifications (e.g., PCI-DSS, SOC 2) and facilitate third-party compliance audits

Incident Response and Threat Management:

• Detect, analyze, and respond to security incidents in real-time using advanced monitoring tools
• Continuously improve incident response processes, ensuring timely remediation of security breaches or vulnerabilities
• Work closely with the security operations team to fine-tune detection rules and correlate threat intelligence data to enhance the organization's threat detection capabilities

Security Awareness and Training:

• Drive security awareness initiatives including training campaigns, newsletters, and assessments to keep employees informed about security best practices
• Participate in and support cybersecurity drills and exercises to simulate potential security incidents and enhance team preparedness

Documentation and Reporting:

• Prepare detailed reports, metrics, and dashboards to communicate the effectiveness of the security program and highlight areas of improvement to key stakeholders
• Document security processes, incident post-mortems, and recommendations for both technical and non-technical audiences

Qualifications:

-    Bachelor’s degree in computer science, IT, Cyber Security, or a related field (or equivalent practical experience)

-    7+ years of experience in cybersecurity engineering roles

-    Strong expertise in AWS Security, Microsoft Office 365 Security & Compliance tools

-    Active certifications, such as: CISSP, PCI-DSS, CISM, CISA, or AWS Certified Security Specialty

-    Proficiency in scripting languages (e.g., Python, PowerShell) and SIEM query languages (e.g., Splunk, RegEx)

-    Experience with security architecture design and implementation

-    Knowledge of encryption technologies, ZeroTrust, endpoint security, and secure access solutions

-    Strong understanding of cybersecurity frameworks (NIST, MITRE, OWASP, ATT&CK) and Tactics, Techniques, and Procedures (TTPs) of adversaries

-    Ability to analyze complex situations, develop solutions, and communicate effectively to technical and non-technical stakeholders

-    Experience leading incident response teams and managing crisis situations with a calm, methodical approach

-    Excellent verbal and written communication skills to produce technical reports and executive summaries

-    Familiarity with DevSecOps practices and integrating security into CI/CD pipelines (a plus)

Why you’ll like working here:

This isn’t a place where you will fill a seat and keep your head down. This is a place where everybody is expected to help build something. This is a place where you can be involved and lead in your areas of expertise. So, how much do you believe in yourself? If you believe in your skills, in your drive and determination, we’ll give you the resources and room to show the world what you can do. Here are just a few of the benefits we offer:

• Employer insurance coverage for employee & dependents 
• Life insurance 
• 401K with generous employer match 
• Wellness program
• Monthly Company Events  
• Hybrid Work Model 

Mercury® Financial is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability.