Our team is responsible for functions across corporate security, detection & response and infrastructure security domains; and we perform systems engineering and automation to support those functions. Security Operations is part of our wider Trust & IT organization which means you will have the opportunity to work closely with Application Security, Corporate Engineering, GRC and IT and to improve security configurations, drive positive employee behaviors and generally work to prevent events from becoming incidents.

You will also help build and maintain our team’s open source project Substation and have the opportunity to contribute to the Brex Tech Blog. You’ll be part of a team that actively contributes to the wider security community and has a commitment to mentorship and engineering excellence.

We’re looking for individuals with a strong background and interest in detecting, responding to, and resolving security incidents and security challenges. You should be comfortable dealing with lots of moving pieces, changing priorities, and new technologies, while having a keen eye for detail. Most importantly, you should be enthusiastic about working with a variety of backgrounds, roles, and people across Brex.

Building a world-class financial service requires world-class security.

XML job scraping automation by YubHub

The successful candidate will design, build, and maintain high-scale automation workflows and AI-assisted capabilities that proactively mature Greenlight's security posture. They will also architect and implement security guardrails for internal AI usage, ensuring LLM integrations and automated agents operate within company risk tolerances.

Key responsibilities include:

• Developing custom integrations across the security and business systems stack (SaaS, FinTech tools, and internal APIs) to eliminate manual silos.
• Building and configuring automated tooling for real-time monitoring of data security, privacy, and vulnerability management.
• Partnering with IT, Engineering, and Business Owners to identify operational bottlenecks and deploy AI-powered solutions that enhance both security and efficiency.
• Collaborating with DevOps to bake automated security controls into the CI/CD pipeline and cloud environments.
• Creating high-quality designs, workflow diagrams, and playbooks to ensure automated systems are maintainable and transparent.

Requirements include:

• 4+ years of professional experience in Cybersecurity, DevOps, or Software Engineering.
• Strong proficiency in Python (preferred) or Go for building custom security tools and API-heavy integrations.
• Solid understanding of cloud security principles (AWS/GCP), containerization (Docker/K8s), and securing distributed systems.
• Deep familiarity with the OWASP Top 10 (including LLM-specific risks) and CI/CD security best practices.
• Hands-on experience with CI/CD platforms (GitHub Actions, GitLab CI) and no-code/low-code automation platforms (e.g., Tines, Torq, or Tray.io).
• Proven experience using AI-assisted tools (Copilot, Cursor, etc.) to accelerate development and a curiosity for deploying AI-driven security solutions.

Nice to have:

• Experience with Infrastructure-as-code (IaC)
• Direct experience implementing security controls within both AWS and GCP.
• Security certifications such as CISSP, Security+, or specialized GIAC certifications.

XML job scraping automation by YubHub