Role Summary
We are seeking a highly skilled Security Engineer to design, implement, and continuously improve the security posture of Neptune MFB's core banking systems, digital channels, APIs, and infrastructure. This role is hands-on, working closely with backend, DevOps, and product teams to ensure bank-grade security, regulatory compliance, and proactive threat mitigation.
Key Responsibilities
Design and enforce application, infrastructure, and data security standards across all platforms
Implement and maintain API security (OAuth2, JWT, mTLS, rate limiting)
Conduct security reviews of microservices, gRPC APIs, and third-party integrations
Lead penetration testing, vulnerability scanning, and remediation
Secure databases (MySQL/PostgreSQL), backups, and replication pipelines
Monitor and respond to security incidents, breaches, and anomalies
Implement SIEM, logging, alerting, and audit trails
Embed security into the development lifecycle by automating code quality, vulnerability, and compliance checks within pull requests and CI/CD pipelines
Ensure compliance with CBN guidelines, NDPR, PCI-DSS, and internal policies
Work with DevOps to secure Docker, Kubernetes, CI/CD pipelines, and secrets management
Support audits, regulatory reviews, and internal risk assessments
Required Skills & Experience
3+ years of experience in security engineering or application security
Strong knowledge of web, API, and backend security
Experience securing Java Spring Boot, Node.js, and microservice architectures
Hands-on experience with: OAuth2 / OpenID Connect, TLS, encryption at rest and in transit, firewalls, WAFs, IDS/IPS
Familiarity with cloud and on-prem security models
Strong understanding of banking / fintech security risks
Ability to translate security risks into clear business impact
Nice to Have
Experience in financial services or core banking
Security certifications (CEH, CISSP, Security+, etc.)
Experience with ISO 27001 or SOC audits