Security Engineer, Application Security

Rogo

New York City Onsite
Competitive
Full-time

Job Description

About Rogo
Finance is the engine of the global economy, yet it runs on slow tools and outdated tech. Rogo is transforming finance by building the AI analyst that empowers every banker, investor, and executive to be smarter, faster, and more creative. We're not building generic AI; our purpose-built platform is already trusted by the world’s largest banks, hedge funds, and private equity firms. Join us and build the future of finance.

Security Engineer - Protect the Future of Finance
As a Security Engineer at Rogo, you'll be at the forefront of securing our cutting-edge, AI-driven platform. You'll be instrumental in identifying and mitigating vulnerabilities, building robust security tools, and fostering a security-first culture across the company. Dive deep into code, challenge our defenses, and help us build a resilient and secure foundation for the future of finance.

What You'll Do:
Be a Security Champion: Conduct dynamic security reviews, threat modeling, and penetration testing on applications and APIs to identify and address vulnerabilities.
Automate Security: Own the end-to-end implementation of automated security reviews within Rogo’s SDLC, making security a seamless part of our development process.
Code & Conquer: Contribute directly to code by fixing and remediating vulnerabilities identified in SDLC scans (SAST, DAST, SCA, IaC, etc.).
Build Secure Infrastructure: Review and secure cloud infrastructure, implementing hands-on Terraform and other infrastructure-as-code changes.
Architect Security Tools: Design and implement security tools and automation to streamline workflows and integrate seamlessly with our platform.
Test & Validate: Build and maintain test environments and simulation ranges to rigorously validate security controls at scale.
Collaborate & Educate: Partner with engineers across the company to embed secure coding practices into CI/CD pipelines and deliver training to developers.
Incident Response: Respond to incidents, perform root cause analysis, and continuously improve our defenses against recurring risks.
Bug Bounty Program: Work with our enterprise Bug Bounty program to triage and resolve reported vulnerabilities.
Share Knowledge: Share emerging security threats, insights, and best practices with engineering teams and leadership.

What You'll Bring:
Deep expertise in application security testing, penetration testing, and code review.
Hands-on experience with security testing tools (e.g., Burp Suite, OWASP ZAP, Snyk).
Solid knowledge of implementing SAST, DAST, and SBOM/SCA tooling in CI/CD workflows.
Familiarity with Terraform and infrastructure-as-code security principles.
Experience developing in a strongly typed language (e.g. Rust, C++, Java).
Excellent communication skills for collaborating effectively with developers, product teams, and leadership.
Applied knowledge of threat modeling, cryptography, and vulnerability management.
Understanding of security frameworks such as SOC2, CIS, ISO 27001/42001, or NIST CSF.

Bonus Points:
Hands-on cloud security experience in AWS or GCP.
Familiarity with Kubernetes security (RBAC, admission controllers, ingress, and network policies).

Are You Rogo Material?

You thrive in fast-paced environments and are excited about contributing to a startup.
You're an ambitious problem-solver, tackling challenges others deem impossible.
You're naturally curious, eager to learn about AI, technology, and finance.
You take ownership, working autonomously and comfortably with ambiguity.
You're a collaborative team player, organized, thoughtful, and kind.

Why Rogo?

Exceptional Traction: We have strong product-market fit with the world's largest investment banks, hedge funds, and private equity firms.
World-Class Team: We take talent density seriously. You'll be working alongside incredibly smart, driven individuals.
High Velocity: We move fast, giving you the opportunity to learn and grow rapidly.
Frontier Technology: You'll be developing cutting-edge AI systems, pushing the boundaries of reinforcement learning and published research.
Cutting-Edge Product: Our platform is state-of-the-art and empowers users to reinvent finance.