Senior Security Engineer I, Application Security

Company Description

Are you ready to trade your job for a journey? Become a FlyMate!

Passion, excitement & global collaboration are all core to what it means to be a FlyMate. At Flywire, we’re on a mission to deliver the world’s most important and complex payments. We use our Flywire Advantage - the combination of our next-gen payments platform, proprietary payment network and vertical specific software, to help our clients get paid, and help their customers pay with ease - no matter where they are in the world.

What more do we need to truly be unstoppable? Perhaps, that is you!

Who we are:

Flywire is a global payments enablement and software company, founded a decade ago to solve high-stakes, high-value payments in education, using modern technology.

Today, we’ve digitized payments for more than 3,300+ global clients across education, healthcare, travel & B2B, covering more than 240 countries and territories and supporting over 140 currencies. And, we’re just getting started!

With over 1000+ global FlyMates, representing more than 40 nationalities, and in 14 offices world-wide, we’re looking for FlyMates to join the next stage of our journey as we continue to grow.

Job Description

The Opportunity:

At Flywire, security isn’t a checkbox—it’s a foundational pillar of how we build. We are looking for a high-impact Senior Security Engineer I, Application Security to act as a technical visionary, bridging the gap between robust defense and rapid innovation. We expect this role to be able to blend traditional security architecture with new technologies like AI-driven automation.

Key Responsibilities

• AI-Driven Security Automation: Design, prompt-engineer, and deploy automated security review workflows, using for example Claude or other LLM APIs to perform real-time code analysis and architectural reviews within our CI/CD environment.
• Security Design & Architecture: Lead secure design reviews and advanced threat modeling for our complex payment systems and AI integrated applications.
• Engineering Collaboration & Leadership: Act as a technical bridge between Security and Engineering teams. Collaborate frequently with different engineering teams to identify and address security issues.
• Advanced Full-Stack Reviews: Oversee deep-dive technical reviews, moving beyond basic scans to perform source code audits and live application testing on high-risk features.
• Automation & SDLC: Contribute and take ownership for the automated security controls we are building and take an active part in every aspect of the secure software development lifecycle (S-SDLC).
• Mentorship & Guidance: Provide hands-on remediation guidance and mentor junior security or software engineers, also members of Product teams, on both traditional exploits and emerging AI-specific vulnerabilities.

Qualifications

Here's what we are looking for: 

Experience & Mindset

• 5+ years in Application Security. Proven experience performing web application penetration tests and vulnerability research. Skills in source code auditing, product assessments and interaction with product teams, and also experience with development of security tools are essential.
• Automation First: A passion for replacing manual, repetitive tasks with intelligent, automated scripts and AI workflows.
• AI & LLM Proficiency
• Prompt Engineering for Security: Demonstrated ability to use tools like Claude for security-specific tasks like code summarization, vulnerability detection, and automated fix generation.
• AI Pipeline Integration: Experience building custom tools or wrappers that leverage LLMs to analyze pull requests and provide context-aware security feedback.
• OWASP Top 10 for LLMs: Deep practical knowledge of defending against Prompt Injection, Insecure Output Handling, and Model Inversion.

Technical Proficiencies

• Full-Stack Depth: experience with Python, Ruby on Rails, Java and modern web dev (JavaScript, Node.js, etc.).
• Cloud & DevOps: Good knowledge of AWS or similar cloud environments, containerization (Docker), and building/maintaining GitLab CI pipelines.
• Security Tooling: Advanced experience with SAST, DAST, and SCA tools, and more importantly, the ability to tune them to eliminate noise.
• Crypto & Auth: Deep understanding of applied cryptography, OAuth2, SAML, and SSO implementations.
• Soft Skills
• Strategic Communication: Ability to translate complex AI-generated findings into actionable business risks for stakeholders.

Empathy-Driven Security: A collaborative approach that treats developers and product teams as partners, focusing on enablement rather than friction.

Compliance & Standards

• Practical experience aligning technical controls with standards like SOC 1, SOC 2, PCI-DSS, and emerging AI-governance frameworks.

Additional Information

What We Offer:

• Competitive compensation
• Employee Stock Purchase Plan (ESPP)
• Flying Start - Our immersive Global Induction Program (Meet our Execs & Global Teams)
• Work with brilliant people that will keep you on your toes, learn more about their journeys by checking out #InsideFlywire on social media
• Dynamic & Global Team (we have been collaborating virtually for years!)
• Wellbeing Programs (Mental Health, Wellness, Yoga/Pilates/HIIT Classes) with Global FlyMates
• Be a meaningful part in our success - every FlyMate makes an impact
• Competitive time off including FlyBetter Days to volunteer in a cause you believe in and
• Digital Disconnect Days!
• Great Talent & Development Programs (Managers Taking Flight – for new or aspiring managers!)

Submit today and get started!

We are excited to get to know you! Throughout our process you can expect to meet with different FlyMates including the Hiring Manager, Peers on the team, the VP of the department, and a skills assessment. Your Talent Acquisition Partner will walk you through the steps and be your “go-to” person for any questions.

Flywire is an equal opportunity employer. With over 40 nationalities across 14 different offices diversity, gender equality, and inclusion are at the core of our people agenda. We believe our FlyMates are our greatest asset, and we’re excited to watch our unique culture evolve with each new hire.

#Li-Hybrid