Security Engineer II

Are you ready to trade your job for a journey? Become a FlyMate!

Passion, excitement & global collaboration are all core to what it means to be a FlyMate. At Flywire, we’re on a mission to deliver the world’s most important and complex payments. We use our Flywire Advantage - the combination of our next-gen payments platform, proprietary payment network and vertical specific software, to help our clients get paid, and help their customers pay with ease - no matter where they are in the world.

What more do we need to truly be unstoppable? Perhaps, that is you!

Who we are:

Flywire is a global payments enablement and software company, founded a decade ago to solve high-stakes, high-value payments in education, using modern technology.

Today, we’ve digitized payments for more than 3,300+ global clients across education, healthcare, travel & B2B, covering more than 240 countries and territories and supporting over 140 currencies. And, we’re just getting started!

With over 1000+ global FlyMates, representing more than 40 nationalities, and in 14 offices world-wide, we’re looking for FlyMates to join the next stage of our journey as we continue to grow.

🚀 The Opportunity

Flywire is seeking an eager and skillful Application Security Engineer to join our elite Security Team. You will support our security efforts across our global development houses, ensuring the privacy and safety of our most confidential business and personal information.

At Flywire, we don’t just "check for bugs"—we build security into the heart of our products. If you have a "breaker" mentality and a passion for secure architecture, this journey is for you!

🎯 Your Impact & Key Responsibilities

Your mission is to ensure security is never an afterthought. You will be an active player in every aspect of the development lifecycle:

1. Security by Design & Architecture

• Define the Standard: Draft comprehensive security requirements for every new system, service, or integration needed by Flywire.

• Lead the Blueprint: Own the threat modeling and secure architecture initiatives to prevent vulnerabilities at the design stage.

• Technical Leadership: Perform lead tasks, providing guidance to other team members and setting technical standards.

2. Engineering Partnership & Collaboration

• Embed with Teams: Attend engineering syncs and collaborate frequently with different squads to identify and address security issues in real-time.

• Full-Stack Reviews: Perform deep-dive security reviews, from meticulous source code auditing to dynamic testing of live applications.

• Review & Integrate: Execute technical tasks on change and integration reviews to ensure "security-first" deployments.

3. S-SDLC Mastery

• End-to-End Ownership: Be an active part of the secure software development lifecycle (S-SDLC).

• Hands-on Remediation: Don’t just find flaws—provide expert guidance to developers on how to mitigate and fix them effectively.

🧠 Here’s What We’re Looking For

The Experience

• 4+ years in Application Security (AppSec).

• Proven experience performing web application penetration tests and vulnerability research.

• Strong skills in source code auditing and development of custom security tools.

The Tech Stack & Knowledge

• Languages: Proficiency in Ruby on Rails, Java, and modern web dev (JavaScript, Python, Node.js).

• The "Breaker" Mindset: Ability to think like an attacker to identify flaws while effectively crafting mitigating controls.

• Modern Standards: Deep understanding of OWASP Top 10 and the OWASP Top 10 for LLM Applications (AI-driven security).

• Authentication: Working experience with OAuth, SAML, and SSO.

• DevSecOps: Experience with SAST/DAST/SCA tools and integrating them into CI/CD pipelines.

• Compliance: Knowledge of security audit certifications such as PCI-DSS, SOC 1, and SOC 2.

Soft Skills

• Master Communicator: Ability to explain complex technical findings to both technical and non-technical audiences with empathy and clarity.

What We Offer:

• Competitive compensation, including Restricted Stock Units
• Employee Stock Purchase Plan (ESPP)
• Flying Start - Our immersive Global Induction Program
• Work with brilliant people that will keep you on your toes, learn more about their journeys by checking out #InsideFlywire on social media
• Dynamic & Global Team (we have been collaborating virtually for years!)
• Wellbeing Programs (Mental Health, Wellness) with Global FlyMates
• Be a meaningful part in our success - every FlyMate makes an impact
• Competitive time off including FlyBetter Days to volunteer in a cause you believe in
• Digital Disconnect Days!
• Great Talent & Development Programs

Submit today and get started!

We are excited to get to know you! Throughout our process you can expect to meet with different FlyMates including the Hiring Manager, Peers on the team, the VP of the department, and a skills assessment. Your Talent Acquisition Partner will walk you through the steps and be your “go-to” person for any questions.

Flywire is an equal opportunity employer. With over 30 nationalities across 12 different offices, and diversity and inclusion at the core of our people agenda, we believe our FlyMates are our greatest asset, and we’re excited to watch our unique culture evolve with each new hire.

Flywire is an equal opportunity employer.

#LI-Hybrid