Rain · 13 hours ago
Security Engineer
New York, NY
Full-time
Hybrid
Mid, Senior Level
$120K/yr - $200K/yr
4+ years expRain makes the next generation of payments possible across the globe, and they are seeking a Security Engineer with a focus on Application Security. This role involves leading application security assessments, integrating automated security tooling, and developing security standards to ensure the delivery of secure applications.
BlockchainCryptocurrencyDecentralized Finance (DeFi)FinTechWeb3
Responsibilities
Lead application security assessments, including vulnerability scanning, code reviews, and threat modeling with engineering teams
Partner closely with product and development squads to drive remediation and help teams understand and resolve security findings efficiently
Integrate and scale automated security tooling across CI/CD pipelines (SAST, DAST, SCA, IaC) to shift security left
Develop and maintain application security standards, patterns, and guardrails that reduce risk and support rapid delivery
Drive threat modeling and risk assessments for new features, APIs, and services
Collaborate with Cloud & Infrastructure Security to align security controls across layers and support cloud-native security requirements
Support incident response for application-level security events and contribute to root-cause analysis and future mitigation strategies
Help build internal training and awareness programs to elevate secure coding and developer security literacy
Track and surface key security metrics, trends, and continuous improvement insights to leadership
Qualification
Required
4–8+ years of experience in security engineering, application security, offensive security, or secure software development; strong track record of securing modern applications
Hands-on experience with security tools such as Semgrep, Burp Suite, Snyk, Trivy, or similar for static, dynamic, and dependency security analysis
Solid understanding of web, API, and mobile security vulnerabilities (e.g., OWASP Top 10, API Top 10)
Experience driving or participating in threat modeling and secure design reviews
Familiarity with cloud concepts and securing cloud workloads
Collaborative mindset — you enjoy working closely with engineers to co-create practical security solutions
Practical understanding of SDLC and integrating security into development workflows
Ability to independently identify, prioritize, and drive remediation on critical findings
Experience balancing security risk with business and technical constraints
Preferred
Experience or exposure to runtime application protection (RASP) or advanced monitoring (e.g., eBPF-based tooling)
Experience with cloud security automation frameworks such as Security Hub remediations or DLP improvements
Security certifications like CISSP, CSSLP, OSCP, GWAPT, or similar
Familiarity with compliance frameworks like SOC 2, ISO 27001, OWASP SAMM and aligning controls
Prior experience in fintech, payments, or highly regulated environments
Exposure to API security tooling and design best practices
Benefits
Unlimited time off 🌴 Unlimited vacation can be daunting, so we require Rainmakers to take at least 10 days off.
Flexible working ☕ We support a flexible workplace. If you feel comfortable at home, please work from home. If you’d like to work with others in an office, feel free to come in. We want everyone to be able to work in the environment in which they are their most confident and productive selves. New Rainmakers will receive a stipend to create a comfortable home environment.
Easy to access benefits 🧠For US Rainmakers, we offer comprehensive health, dental, and vision plans for you and your dependents, as well as a 100% company subsidized life insurance plan.
Retirement goals💡Plan for the future with confidence. We offer a 401(k) with a 4% company match.
Equity plan 📦 We offer every Rainmaker an equity option plan so we can all benefit from our success.
Rain Cards 🌧️ We want Rainmakers to be knowledgeable about our core products and services. To support this mission, we issue a card for our team to use for testing.
Health and Wellness 📚 High performance begins from within. Rainmakers are welcome to use their card for eligible health and wellness spending like gym memberships/fitness classes, massages, acupuncture - whatever recharges you!
Team summits ✨ Summits play an important role at Rain! Time spent together helps us get to know each other, strengthen our relationships, and build a common destiny. Expect team and company off-sites both domestically and internationally.
Company
Rain
Rain is a fintech company that builds stablecoin-powered payment infrastructure that allows businesses and individuals to use digital money.
51-200 employees
H1B Sponsorship
Rain has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (2)
2023 (1)
2022 (1)
2021 (1)
Funding
Current Stage
Growth StageTotal Funding
$332.5MKey Investors
ICONIQ CapitalSapphire VenturesNorwest
2026-01-09Series C· $250M
2025-08-28Series B· $58M
2025-03-24Series A· $24.5M
Leadership Team
Farooq Malik
Co-Founder and CEO
Charles Yoo-Naut
Co-Founder and CTO
Recent News
2026-01-14
2026-01-14
2026-01-12
Company data provided by crunchbase