About this role
SentiLink provides innovative identity and risk solutions, empowering institutions and individuals to transaction with confidence. We’re building the future of identity verification in the United States replacing a clunky, ineffective, and expensive status quo with solutions that are 10x faster, smarter, and more accurate.
We’ve seen tremendous traction and are growing extremely quickly. Our real-time APIs have helped verify hundreds of millions of identities, starting with financial services and rapidly expanding into new markets. SentiLink is backed by world-class investors including Craft Ventures, Andreessen Horowitz, NYCA, and Max Levchin.
We’ve earned recognition from TechCrunch, CNBC, Bloomberg, Forbes, Business Insider, PYMNTS, American Banker, LendIt, and have been named to the Forbes Fintech 50. We have also been named a 2026 FICO Industry Vanguard Decision Award Winner. Last but not least, we’ve even made history - we were the first company to go live with the eCBSV and testified before the United States House of Representatives on the future of identity.
SentiLink supports a variety of ways to work, ranging from fully remote to in-office. We operate as a digital-first company with strong collaboration across the U.S. and India. We maintain physical offices in Austin, San Francisco, New York City, Seattle, Los Angeles, and Chicago in the U.S., and in Gurugram (Delhi) and Bengaluru in India. If you’re located near one of these offices, we would love for you to spend time in the office regularly. Some roles are hybrid or in-office by design. For example, our engineering team in India works primarily from our Gurugram office.
Role:We’re looking for a Principal Information Security Engineer to lead and elevate security across SentiLink’s infrastructure, applications, and internal systems. This is a highly technical, hands-on role focused on building scalable security foundations while enabling the business to move quickly and safely.
You will partner closely with Engineering, Infrastructure, Product, Legal, and Compliance teams to design secure systems, improve detection and response capabilities, strengthen cloud security posture, and reduce organizational risk. You’ll help shape long-term security strategy while remaining deeply involved in technical implementation and operational execution.
This role is best suited for someone who combines strong technical depth with practical judgment and thrives in fast-moving, high-ownership environments.
Responsibilities:Design and build internal security tooling from scratch, including agent-based security tooling, code analysis tooling, dynamic scanning, and security assessment tools
Identify vulnerabilities across SentiLink's AWS-based stack, including application code, cloud service configurations, and integrations between the two
Develop AI-assisted and agent-based tooling to scale offensive security testing beyond what a small team can do manually
Build and maintain security automation that improves detection, response, and remediation across the organization
Conduct hands-on penetration testing and vulnerability research against SentiLink's infrastructure and applications
Partner with engineering teams to remediate findings and embed security into the development process without slowing them down
Participate in the security on-call rotation, including incident response and regular response testing
Contribute to threat modeling and security design reviews for new systems, with a focus on cloud integrations and identity flows
Stay current on offensive security techniques, AI-assisted security tooling, and emerging attack patterns relevant to fintech and identity verification
Requirements:8+ years of experience in security engineering, software engineering with a security focus, or closely related roles
Proficient in at least one systems language (Go, Rust, C++) and at least one higher-level language (Python, TypeScript)
Proven ability to design and ship production software end-to-end
Deep AWS infrastructure expertise, including IAM, EKS, RDS, networking, and managed services
Demonstrated ability to identify security misconfigurations and vulnerabilities across cloud architectures, application code, and the integrations between them
Experience conducting or building tooling for penetration testing, vulnerability assessment, or red team activities
Track record of building security automation and tooling from scratch
Comfortable operating independently on ambiguous problems without heavy process or oversight
Strong communication skills and the ability to partner with engineers who are not security specialists
Nice to have:Experience building or deploying LLM-based agents or AI-assisted security tooling
Prior experience at a security product company (Wiz, Snyk, Datadog, etc.) or other security-forward engineering org
Prior fintech, identity, or fraud detection experience
Industry certifications (OSCP, OSCE, GPEN, GXPN)
Experience with detection engineering or SIEM platforms
Published security research, CVEs, or open source security tooling contributions
Experience supporting compliance frameworks (FedRAMP, SOC 2, PCI DSS) without it being their primary focus
Compensation:$220k-280k/year + equity + benefits
Perks:Employer paid group health insurance for you and your dependents
401(k) plan with employer match (or equivalent for non US-based roles)
Flexible paid time off
Regular company-wide in-person events
Home office stipend, and more!
Corporate Values:Follow Through
Deep Understanding
Whatever It Takes
Do Something Smart