All roles

Open role

[Remote] Senior Application Security Engineer

Remote · Chile Full-time

Note: The job is a remote job and is open to candidates in USA. Monarch is a powerful, all-in-one personal finance platform designed to help make the complexity of finances feel simple again. They are seeking a Senior Application Security Engineer to join their Security Engineering team, where the role involves conducting application security reviews and improving security practices as the company scales.

Responsibilities

  • Conduct application security reviews — threat modeling, code review, and risk assessment — for new features and major product changes across Monarch's Django/Python stack
  • Perform and improve SAST/DAST operations including triage, validation, and remediation tracking of findings in CI/CD pipelines
  • Work through the vulnerability backlog with urgency — maintaining triage criteria, remediation tracking, and escalation paths in partnership with engineering squads
  • Perform and coordinate penetration testing and security assessments against Monarch's web and API surfaces
  • Apply and improve AI security review processes for LLM-integrated features and agentic attack surfaces — covering prompt injection, data leakage, model abuse, and supply chain risk
  • Build and maintain security automations and AI-powered tooling, and define and assess security requirements for AI workflows and agentic systems
  • Participate in the weekly security on-call rotation

Skills

  • 5+ years in security engineering with demonstrated depth in Application and AI security — threat modeling, SAST/DAST, secure code review, and vulnerability management
  • Proficiency in Python and strong understanding of web application security (OWASP Top 10, API security, auth/authz patterns)
  • Hands-on experience with application security tooling — Semgrep, Burp Suite, Nuclei, or equivalents
  • Familiarity with AI/ML security risks — prompt injection, model abuse, agentic attack surfaces, or LLM supply chain risk
  • Transformative AI fluency — actively uses AI tools to accelerate security work and build automation
  • Experience in fintech or with financial data security requirements
  • Familiarity with SOC 2, NIST CSF, or similar compliance frameworks
  • Cloud security experience (AWS preferred) — IAM, container security, ECS/EKS
  • Relevant certifications: OSCP, BSCP, CSSLP, CISSP, or equivalent
  • Detection engineering and incident response experience
  • Additional offensive security experience — red teaming, bug bounty, or broader penetration testing beyond web/API surfaces

Benefits

  • Work wherever you want! As a fully remote company with no central office, we want you to work wherever you are happiest and most productive. Whether that’s out of your home, a co-working space, or elsewhere.
  • Competitive cash and equity compensation in a hyper growth, early stage company 🚀.
  • Stipend to set-up your ideal working environment.
  • Competitive Benefit Plans for employees based on your location (e.g. in the US we offer: Medical, dental and vision benefits and the ability to contribute to a 401k plan).
  • Unlimited PTO.
  • 3 day weekend every month! We take off the “First Friday” every month to focus on rest, recuperation, or just having fun!

Company Overview

  • Monarch is the most comprehensive platform for managing your personal finances. It was founded in 2019, and is headquartered in Covina, California, USA, with a workforce of 51-200 employees. Its website is https://www.monarchmoney.com.
  • More open positions

    [Remote] VP of Clinical Services and Executive Medical Director

    Work from home Full-time role

    [Remote] VP of Customer Support and Implementations

    Work from home Full-time role

    [Remote] Financial Aid Training & Development Specialist

    Work from home Full-time role

    [Remote] Manager of Web Experience & Operations

    Work from home Full-time role

    [Remote] Senior Platform Engineer

    Work from home Full-time role

    Senior Insurance Product Compliance Professional

    Work from home Full-time role

    Remote Strategic Account Executive, EMEA – AI for Fashion

    Work from home Full-time role

    Remote Epic Application Coordinator (Bridges and Data Courier)

    Work from home Full-time role

    Call Center Rep, Medical Answering Service

    Work from home Full-time role

    Delivery Manager (Remote, Full-Time) [HR183]

    Work from home Full-time role

    Regional Field Trainer - East Coast

    Work from home Full-time role

    Remote Entry-Level Data Entry Specialist – Flexible Shifts, No Experience Required, Career Growth Path at careerzynith

    Work from home Full-time role

    IRB Specialist - Institutional Review Board

    Work from home Full-time role

    Experienced Remote Chat Moderator – Flexible Hours for careerzynith

    Work from home Full-time role

    Senior Technical Account Manager

    Work from home Full-time role

    Experienced Seasonal Customer Service Representative – Remote (Bilingual: Spanish and English) at careerzynith

    Work from home Full-time role

    [Remote] Cybersecurity Analyst - Remote

    Work from home Full-time role

    Product Owner (Remote or Relocate)

    Work from home Full-time role

    Strategic Payer Initiatives Sales Executive

    Work from home Full-time role

    Administrative Assistant (Hybrid: Remote + Ocala, FL Office) Part-Time

    Work from home Full-time role

    Remote Customer Experience Specialist – Travel Hospitality & Booking Concierge (Work From Home)

    Work from home Full-time role