Senior Security Engineer

Alkami is a leading cloud-based digital banking solutions provider for financial institutions in the United States that helps clients to transform through retail and business banking, digital account opening and loan origination, payment fraud prevention, and data analytics and engagement solutions. Alkami’s Mobile App Platform has been certified by J.D. Power for providing clients with “An Outstanding Mobile Banking Platform Experience.”

Founded in 2009, we continue to be recognized for our intentional culture and tremendous growth (Best Place to Work in Fintech; Best & Brightest to Work For Nationally; and Comparably’s Best Company Culture, Best Career Growth, Best Engineering Team, and Best Places to Work in Dallas, among others). Through our bold investments in technology and people, we empower our clients to grow confidently, adapt quickly, and build thriving digital banking communities through tailored experiences for over 19.5M users.

As a remote-first company, most of our positions can be remote in the US, except for key roles, which will be indicated in the Job Title.

Follow us on Glassdoor and Linkedin!

As a Senior Security Engineer on Alkami’s Enterprise Information Security team, you will hold a highly visible, business-critical role safeguarding the resilience, availability, and integrity of online banking platforms. This position requires a self-starter who can critically assess risks, recommend solutions, and own the implementation and configuration of advanced security tools to protect internal and customer environments.

The role is central to advancing Alkami's network security posture by engineering and optimizing defensive controls. Key responsibilities include leading configuration, tuning, and lifecycle management of the Cloudflare Web Application Firewall (WAF) and leveraging Terraform to deploy scalable, automated configurations. You will manage and refine Palo Alto firewall policies enterprise-wide, ensuring alignment with emerging risks and business needs. You will manage and participate in other assigned Security Engineering technology platforms. As a member of the security engineering team, you will also participate in the ongoing management of Alkami’s certificate lifecycle program. This mature, mission-critical capability requires precision, collaboration, and operational excellence.

Your work will directly influence Alkami’s ability to deliver secure, reliable services by partnering closely with Security Architecture, Site Reliability Engineering (SRE), and Network Engineering teams to ensure that security and compliance requirements are embedded throughout the lifecycle of all technology initiatives.

Key Responsibilities And Duties

• Security Operational Coverage and Ownership: Serve as the primary escalation resource for Cloudflare issue resolution. Provide operational coverage when issues arise and perform data analytics on the Cloudflare WAF to continuously learn and improve threat detection.
• Cloudflare & Infrastructure-as-Code (IaC): Engineer, optimize, and maintain Cloudflare security solutions (WAF, Bot Management, Traffic Filtering) and implement/manage configurations using Terraform-based IaC for consistency and scale.
• Network Security Governance: Manage and refine enterprise Palo Alto firewall policies, ensuring continuous tuning against emerging threats and aligning rule sets with business requirements.
• Secure Design & Collaboration: Partner with Security Architecture, SRE, and Engineering teams to ensure secure design and implementation of network paths, access patterns, and cloud services, and to provide actionable security requirements.
• Risk Management & Assessments: Conduct ongoing security assessments of network and application controls to identify risks, validate protections, and drive remediation activities with partner teams.
• Subject Matter Expertise (SME): Serve as the SME for Cloudflare WAF, Terraform, and Palo Alto firewall governance, participating in security incidents and contributing to strategic initiatives.
• Enablement & Lifecycle Management: Support the enterprise certificate lifecycle program and promote organizational awareness of network/application security best practices and secure patterns.
• On-Call and Mentoring: Participate in on-call rotations and help train and mentor engineers.
  
  

Qualifications

• Extensive Security Engineering Background (5+ years): Proven experience in Information/Network Security engineering, specializing in protecting cloud (AWS preferred) and web-facing environments, and operating in externally audited settings (e.g., PCI DSS, SOC 2).
• Tool & IaC Proficiency: Demonstrated success deploying, tuning, and maintaining a wide array of enterprise security controls (WAF, EDR, Firewalls, SIEM, IDPS, etc.). Expert proficiency with Infrastructure-as-Code (IaC), specifically Terraform, to manage Cloudflare and AWS configurations at scale.
• Deep Network Architecture Knowledge: Strong command of network security architectures, including segmentation, traffic inspection, enterprise firewall management, modern security principles, secure protocols, and relevant threat patterns.
• Communication & Collaboration: Excellent analytical, problem-solving, and communication skills, with the ability to quickly assess complex scenarios, determine effective mitigation strategies, and build strong, collaborative relationships across technical and leadership teams.
• Learning: Strong desire to continuously learn, adapt, and contribute to a rapidly evolving security program and engineering organization.
• Education: Bachelor’s degree in Computer Science, Information Security, Engineering, or a related technical field (or equivalent practical experience).
  
  

Desired Skills

• Security certifications such as AWS Certified Security – Specialty, CISSP, CCSP, or CCSK.
• The ability to systematically investigate and isolate security incidents in a complex environment
• Prior experience in fintech, banking, or other highly regulated industries.
• Background in high-availability SaaS, regulated environments, where zero-downtime operations are critical.
• Ability to support an environment and projects that may require irregular or long working hours, such as to support the team through maintenance windows for planned upgrades and project milestones, and handle escalations of security concerns outside of regular working hours to address urgent situations
• Previous experience supporting and addressing security concerns in a multi-tenant, hosted solution in a cloud-based architecture
  
  

The salary range for this position is: $110,000 - $130,000

Cool Things to Know

Not Just Any Company: Alkami has an awesome diverse and inclusive environment. We have a FUN culture and offer great benefits, including remote-first environment, unlimited paid time off, 401(k) with employer match, and more.

Work Authorization: We cannot offer employment sponsorship at this time. Candidates must be eligible to work in the US for full-time employment.

Recruiters: We are not looking for outside recruiting firms to help us in this search. Thank you for understanding.

Pay Transparency: As of January 1, 2023, new states and locales have enacted pay equity laws that require more pay transparency by employers in the following states: California, Colorado (effective January 1, 2021), Connecticut, Maryland, Nevada, New Jersey, New York, Ohio, Rhode Island and Washington.

The Important Stuff

Alkami Technology is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: Alkami is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Alkami are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Alkami will not tolerate discrimination or harassment based on any of these characteristics. Alkami encourages applicants of all ages.

J.D. Power 2024 Mobile App Platform Certification ProgramSM recognition is based on successful completion of an audit and exceeding a customer experience benchmark through a survey of recent servicing interactions. For more information, visit jdpower.com/awards.