Senior/Staff Software Engineer - Security Location Remote (US/Canada) In the Role as a Senior/Staff Software Engineer - Security, you will be responsible for designing and implementing secure tokenization and encryption mechanisms across Oscilar’s platform. You will work closely with backend and data engineering teams to ensure that sensitive data is securely stored, processed, and transmitted in compliance with PCI DSS, HIPAA, GDPR, and SOC 2 requirements. You will play a key role in developing secure event-driven architectures, implementing data privacy frameworks, and ensuring our Kafka-based processing pipelines adhere to best security practices while maintaining performance and scalability. About Oscilar Oscilar is a cutting-edge technology company specializing in real-time decisioning and analytics. We build secure, scalable, and high-performance systems for financial institutions, fintechs, and enterprises requiring robust data security and compliance. As we expand our capabilities in tokenization, encryption, and PCI/HIPAA compliance, we are seeking an experienced engineer to lead the design and implementation of secure data handling practices across our Kafka-based event processing and analytics pipelines. Be part of an innovative security-first company working on cutting-edge real-time decisioning systems. Own critical security projects that have a direct impact on our platform and customer trust. Work in a fast-paced, highly collaborative environment with engineers who are solving hard security problems at scale. Competitive salary, equity options, and comprehensive benefits. Apply Today If you’re excited about building secure, compliant, and high-performance security solutions at scale, we’d love to hear from you! To apply, send your resumé to us via email at eng-careers@oscilar.com. Responsibilities Design and implement secure tokenization and encryption frameworks for handling sensitive data within Kafka, ClickHouse, and cloud-native environments. Develop strategies for handling tokenized data across microservices, ensuring data integrity and minimal performance impact. Architect and implement solutions for secure schema evolution, preventing type mismatches, data loss, and race conditions in workflows. Define access control policies (RBAC, attribute-based access) for sensitive data access and management. Enhance event streaming security by implementing TLS encryption, authentication, and fine-grained authorization in Kafka topics. Collaborate with security, engineering, and compliance teams to ensure compliance with PCI DSS, HIPAA, GDPR, and SOC 2. Implement security monitoring and audit trails for tokenization and detokenization events, ensuring traceability and compliance. Drive security automation by integrating tokenization within CI/CD pipelines and deploying security tools for continuous compliance monitoring. Work closely with customers and auditors to demonstrate secure data handling practices. Requirements Technical Expertise 8+ years of experience in cybersecurity, data security, or secure software engineering. Proven expertise in designing and implementing tokenization, encryption, and key management solutions. Strong background in event-driven architectures, data streaming, and Kafka security best practices. Experience implementing PCI DSS and HIPAA-compliant solutions, particularly for financial or healthcare data. Deep knowledge of cloud security (AWS/GCP/Azure) and infrastructure security best practices. Familiarity with SQL and NoSQL databases, especially ClickHouse, Postgres, and cloud-native storage solutions. Proficiency in backend development (Java, Python, Go, or similar) with a focus on secure coding practices. Strong understanding of IAM, RBAC, and authentication protocols (OAuth, JWT, TLS, mTLS). Experience working in a high-performance, real-time data processing environment. Excellent problem-solving skills and ability to design scalable security architectures. Bonus Experience with privacy-preserving technologies (homomorphic encryption, differential privacy). Experience with compliance automation and security-as-code principles. Contributions to open-source security projects related to encryption or tokenization. To apply, send your resumé to us via email at eng-careers@oscilar.com.