Job Specifications
Vestwell is the financial technology company powering the new savings economy. The New York City-based fintech platform redefines how people save for the critical aspects of life across retirement, education, and healthcare savings needs. Today, Vestwell enables over 350,000 businesses and nearly 1.5 Million active savers, with over $30 billion in assets saved across all 50 United States.
Vestwell offers a range of products, including workplace-delivered retirement plans, employer-offered student loan repayment benefits, and various savings accounts for education, emergencies, and individuals with disabilities.
Vestwell's platform serves a diverse clientele, including financial advisers, employers, third-party administrators, financial institutions, payroll providers, government agencies, and individual savers. To learn more, visit vestwell.com
Who Are We Looking For?
The Technology team is seeking an experienced DevSecOps Engineer to lead security governance, compliance, and risk management activities, with a strong focus on System Security. This role bridges technical security operations and regulatory compliance, ensuring audit readiness, effective vulnerability remediation, and secure delivery of public-facing services across complex, multi-platform environments.
We are looking for a seasoned engineer to embed security directly into our software development processes. You will collaborate closely with development, DevOps, and product teams to design, implement, and maintain secure-by-design systems. This role focuses on proactive security in the SDLC (Software Development Life Cycle), automating security controls, conducting code-level security reviews, and reducing risk without slowing velocity.
You’re a great fit for our team if you can balance detail-oriented tasks with long term strategy and scale initiatives. Most of all, you must be passionate about what you create and about the impact it can have. That matters to us, a lot.
Responsibilities
Own and operate the core infrastructure that powers Vestwell security program, including security observability, detection, and protection platforms. Design systems that are resilient, scalable, and secure by default.
Enable and oversee real-time monitoring, threat hunting, and incident response
Build and maintain an automated Public Asset Inventory to provide a real-time view of webAI’s public-facing attack surface and eliminate shadow IT.
Embed security into the CI/CD pipeline by owning SAST, SCA, and DAST tooling and creating scalable workflows that ensure findings are effectively triaged and remediated with minimal developer friction.
Select, deploy, and own runtime protection tooling to enable runtime threat detection, file integrity monitoring, and micro-segmentation for containerized workloads.
Act as a senior security partner to engineering teams, providing guidance on secure architecture, leading threat modeling, supporting incident response, and shaping a strong, pragmatic security culture.
The Necessities
4+ years of hands-on experience in DevSecOps, Security Engineering, Platform Engineering, or SRE
Demonstrated success building and deploying security systems from the ground up
Strong automation skills with at least one scripting language (Python, Go, or similar)
Deep experience with Infrastructure as Code (Terraform strongly preferred; CloudFormation acceptable)
Strong cloud security experience, ideally in AWS
Experience securing containerized workloads (ECS and/or Kubernetes)
Solid understanding of security fundamentals including: Threat modeling, Incident response, Observability and detection and Runtime and infrastructure security
The Extras
Fintech experience
Startup experience
This role will be based in either the New York City, Austin, King of Prussia, or Phoenix office, and will be part of Vestwell's hybrid in-office operation.
The expected base salary range for this position is $145K - $160K base. This position is eligible to participate in the Company Bonus Pool and is eligible to receive new hire equity in the Company. Please note that salary bands are based on NY and other similar metro areas and may differ based on where the role is ultimately hired.
Our Benefits
We’re an innovative, high-growth company, with lots of exciting milestones ahead. We value health and wellness at Vestwell and in addition to a dedicated Employee Wellbeing Committee, we offer competitive health coverage and generous vacation offering. We have adopted a hybrid office policy, but all employees are welcome at our bright, comfortable office with many workspace options in our Midtown Manhattan, Austin, King of Prussia, and Phoenix offices, so everyone has a setting that is the most productive for them. Oh, and naturally we have a great 401(k) plan!
OUR PROCESS
It starts the same for every candidate: getting to know the team members through 1-2 conversations about Vestwell, your experience, and your interests. Next steps can vary by role, but the
About the Company
Vestwell is a leading fintech platform powering the new savings economy for millions of businesses and people. Headquartered in New York City, the company transforms access to essential financial wellness and savings programs to close the savings gap. As an extension of its partners, Vestwell enables a suite of programs focused on the most critical aspects of one's financial future, including retirement, healthcare, disability, and education needs - such as 401(k), 403(b), IRA, 529 College, ABLE disability, and Emergency Sav...
Know more