Security Engineer in Orlando, Florida at CURRENCY EXCHANGE INTERNATIONAL
Explore Related Opportunities
Job Description
Currency Exchange International (CXI) is a Financial Services and Technology Provider based in Orlando, Florida.
CXI provides a wide range of foreign exchange services to customers in the United States. CXI’s primary business channels to service customers are through its company-owned branch locations and foreign exchange partnerships with financial institutions and corporations. CXI has been providing global payment solutions for clients that span wide-ranging industries. As one of North America's leading foreign exchange wholesalers, CXI can provide personalized and efficient service, competitive rates, as well as a number of settlement options. Visit our website to learn more about life at CXI: https://www.ceifx.com/about/life-at-cxi
Our Value Statement: We help our clients identify and create foreign exchange solutions, delivering a best practices approach through unparalleled customer service and integrated technology to create significant financial and operational efficiencies.
Our Values:
- Customer First - We earn the right to be our clients’ first choice.
- Integrity - We hold ourselves to the highest standard to build trust.
- Collaborative - We always win as a team.
- Innovative - We find new methods to deliver change and advance technology to the industry.
- Passionate - We are driven to be the best in class.
Currency Exchange International is looking for a skilled and motivated Security Engineer to join our IT Team! This is a hybrid position, based in Orlando, FL.
Summary: The Security Engineer will own and execute key preventative security controls and security hygiene initiatives, including developing and maintaining standards that improve the company’s security posture, driving control implementation projects to completion, and ensuring day-to-day operational security work does not stall long-term risk reduction. The Engineer will have a strong understanding of security principles, demonstrated technical depth in implementing and maintaining security controls, and a proactive approach to identifying and mitigating security risks. This role requires strong task and project management skills, excellent communication, and the ability to partner effectively with IT operations, engineering, business stakeholders, and security operations partners.
Essential Functions:
- Own and execute preventative security controls and security hygiene initiatives that measurably improve security posture over time.
- Maintain strong working knowledge and configuration-level understanding of core security capabilities, with an emphasis on preventative controls (identity and access controls, endpoint controls, data protection controls, email security controls, vulnerability management, and secure configuration baselines).
- Drive security hygiene work through disciplined task management, prioritization, and follow-through; track work clearly, communicate status, and remove blockers.
- Produce clear written documentation as a standard part of the role, including implementation plans, runbooks, control narratives, decision records, and audit-ready evidence artifacts.
- Partner with internal IT operations and engineering teams to plan, execute, and validate control implementations and configuration changes with minimal business disruption.
- Demonstrated expertise in securing enterprise AI ecosystems, including LLMs, AI agents, MCP integrations, RAG solutions, AI service providers, data pipelines, and supporting controls for identity, data protection, governance, monitoring, and resilience against AI-specific threats.
- Support application security and testing by serving as the primary technical interface with external penetration testing partners; help plan test scope and validate remediation, administer and optimize automated security testing platforms, and partner with engineering to operationalize SAST/DAST results through triage, prioritization, and secure-by-design guidance.
- Support vulnerability management operations by coordinating remediation workflows, validating fixes, tracking exceptions, and improving recurring processes to reduce exposure.
- Contribute to control evidence readiness by ensuring preventative controls are implemented in a way that is auditable, repeatable, and well-documented.
- Collaborate with security operations partners (including MDR and managed security partners) to ensure preventative controls align with detection and response workflows and reduce operational noise.
- Assist with day-to-day security operations tasks as needed (access support, security configuration changes, investigations support), while maintaining priority on hygiene and control implementation work.
- Participate in incident response activities, including serving in an on-call and/or escalation capacity as needed, executing containment and mitigation actions, and completing post-incident follow-up work to prevent recurrence.
- Help manage and continuously improve the security testing and validation program, including vulnerability scanning, configuration validation, periodic control testing, and supporting third-party penetration testing and remediation tracking.
- Stay current on security threats, vulnerabilities, and best practices; translate relevant changes into actionable improvements to posture and control design.
- Support internal and external security interactions by helping articulate security practices and producing clear, audit-ready evidence when needed (auditors, regulators, and customers).
- Develop working knowledge of monitoring, detection, and response processes to provide coverage for the security engineering function; be able to step in on core security operations workflows when needed.
- Act as a strong partner and communicator across technical and non-technical audiences; write clear documentation, status updates, and implementation plans.
Competencies:
- Action Oriented
- Functional Skills
- Situational Adaptability
- Effective Communication
- Optimizing Work Processes
- Nimble Learning
Required Education and Experience:
- Bachelor’s Degree in Information Technology, Information Security, or a related field, or equivalent practical experience.
- Security certifications (or progress toward certifications) preferred.
- 5+ years working in an information security or security engineering related role (or equivalent experience with substantial security engineering ownership).
- Demonstrated experience implementing and maintaining preventative security controls in a modern enterprise environment (identity and access controls, endpoint and email protections, vulnerability management processes, data protection controls, and configuration baselines).
- Experience supporting security control implementation projects end-to-end, including planning, stakeholder coordination, change execution, validation, documentation, and operational handoff.
- Working knowledge of application security practices and common web vulnerabilities (for example OWASP Top 10), with experience coordinating third-party penetration tests and translating automated SAST/DAST findings into actionable remediation guidance in partnership with development teams.
- Strong understanding of security fundamentals including authentication, authorization, security monitoring concepts, secure configuration principles, network security fundamentals, and risk-based prioritization.
- Experience supporting security assessments and third-party testing activities (for example, coordinating penetration tests, tracking remediation, and validating fixes).
- Strong task management and project execution skills; ability to manage competing priorities, clearly document work, and consistently deliver outcomes.
- Excellent written and verbal communication skills; able to explain technical concepts clearly and collaborate effectively across teams.
- Strong written documentation skills, including the ability to produce clear runbooks, procedures, technical summaries, and stakeholder-facing updates.
Position Type / Expected Hours of Work: This is a full-time hybrid position based in Orlando, FL. Days of work are Monday through Friday. Occasional evening and weekend work may be required as job duties demand.
Benefits:
- Vacation Time
- Sick Time
- Holiday Pay
- Healthcare Benefits
- Commute Reimbursement
- 401K Plan - CXI will match up to 5%
- Tuition Reimbursement
- Short & Long-Term Disability
Currency Exchange International is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, religion, color, sex (including pregnancy and gender identity), sexual orientation, parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, any other non-merit based factor or any other characteristic protected by applicable federal, state or local laws. Our leadership team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities and general treatment during employment. If you’d like more information about your EEO rights as an applicant under the law, please visit http://www1.eeoc.gov/employers/poster.cfm