Sr. Staff Information Security Engineer

Today, through BHN’s single global platform, businesses of all kinds can tap into the world’s largest network of branded payment solutions. BHN helps businesses grow revenue, increase loyalty, motivate and reward their teams, disburse funds, and engage consumers. Branded payment solutions include the issuance and distribution of gift cards, egifts, corporate payouts, and rewards, along with the technology to deliver these products in seamless, integrated ways. BHN’s network spans the globe with more than 400,000 consumer touchpoints.

This position may be performed remotely anywhere within the United States except for the State of Alaska, North Dakota, or South Dakota. Employees located within 50 miles of a BHN office will be considered a "Hybrid" employee and are required to come into the office 2 days per week based on office schedule.

We are seeking a Senior Staff Information Security Engineer to join our Technology organization. Reporting to the Sr. Director of InfoSec, you will play a pivotal role in embedding security throughout our software development lifecycle (SDLC) and securing our cloud-native environments. This role blends technical expertise, strategic leadership, and cross-team collaboration to solve complex application and cloud security challenges and elevate the organization’s security posture.

Application Security Leadership:

• Embed security into the SDLC, including requirements, design, development, and deployment phases.
• Define and promote secure coding practices across engineering teams.
• Perform security design reviews, threat modeling, and architecture assessments for applications, APIs, and microservices.

Cloud Security Enablement:

• Collaborate with cloud engineering teams to secure AWS environments, leveraging tools like GuardDuty, CloudTrail, Macie, and AWS Config.
• Ensure application security controls extend seamlessly into cloud-native workloads.

Risk Management:

• Conduct vulnerability assessments using SAST, DAST, and software composition analysis (SCA).
• Analyze findings, prioritize remediation, and track to resolution.
• Develop and implement risk mitigation strategies aligned with business needs.

Collaboration & Mentorship:

• Partner with engineering, DevOps, and product teams to raise security maturity.
• Mentor junior engineers and advocate for a security-first mindset.

Deep Application Security Expertise:

• Strong background in secure coding practices, API security, and software architecture.
• Hands-on experience with tools like SAST, DAST, SCA, and fuzzing platforms.

Cloud Security Knowledge:

• Solid understanding of AWS services (IAM, Lambda, S3, VPC) and AWS-native security tooling.
• Experience securing containerized and microservice-based environments.

Leadership & Communication:

• Ability to influence cross-functional teams and communicate effectively with technical and non-technical stakeholders.
• Strong problem-solving, analytical, and risk prioritization skills.

Certifications & Frameworks:

• Relevant certifications such as CISSP, CSSLP, or AWS Security Specialty preferred.
• Familiarity with security standards and frameworks (OWASP, NIST, ISO 27001).

Experience: 7+ years of experience in application security, cloud security, or related fields.

Why Join Us?

At Blackhawk Network, we believe security is not just a necessity but a catalyst for innovation. You’ll have the opportunity to:

• Shape cutting-edge security strategies in a global organization.
• Work with a dynamic team that values collaboration, creativity, and continuous growth.
• Enjoy a culture that celebrates diverse perspectives and empowers you to make a lasting impact.

Ready to elevate your career and redefine what’s possible in security? Join us and be part of a team that’s transforming the future of technology.

Apply today!

Blackhawk Network offers benefits including 401k with employer match, medical, dental, vision, 12 paid holidays throughout the year, 1 hour of sick pay accrual for every 30 hours worked, parental leave, life insurance, disability insurance, accident and illness insurance, health and dependent care flexible spending accounts, wellness benefits, and flexible time off for all full-time employees. 

Blackhawk Network provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.  Blackhawk Network believes that diversity leads to strength. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Blackhawk Network encourages applicants with previous criminal records to apply to all positions and, pursuant to the San Francisco and Los Angeles Fair Chance Acts (and other “Fair Chance” laws), Blackhawk Network will consider for employment qualified applicants with arrest and conviction records.  For Philadelphia applicants or jobs, please see a copy of Philadelphia’s ordinance on this topic by clicking this link: https://codelibrary.amlegal.com/codes/philadelphia/latest/philadelphia_pa/0-0-0-280104.