Staff Software Engineer, Security

About The Position

Requirements

• 8+ years experience in hands-on, senior, and highly autonomous security roles embedded in an engineering or software development related department.
• Hands-on experience securing web applications, designing secure solutions, and providing meaningful security feedback to engineering design documentation and code reviews.
• Have contributed meaningfully to company-level security strategy and owned security programs end-to-end.
• Desire to directly manage and mentor a small group (1-3) of security software engineers.
• Have played a significant role in hiring for security professionals.
• Strong written and verbal communication skills.
• Experience working with functional leaders, product management, engineers, IT, and non-technical business staff.
• Independently executed on a broad range of security initiatives spanning infrastructure security, application security, and automating business controls.

Nice To Haves

• Bug Bounty or other Red-Team vulnerability hunting finds.
• Recently worked at a fast-paced startup, scaleup, or B2C app-first company.
• Deep familiarity with Datadog APM or other application insight tools.
• Experience with our specific stack: AWS, Kubernetes, Python + FastAPI, React, Postgres, Kafka, Redis.
• Experience with the fintech industry and its specific threats and regulations.
• Experience acting as a thought leader regarding common IT Security concepts such as endpoint protection, SIEM best practices, and insider threat detection/prevention.

Responsibilities

• Driving accountability and ownership of application security concerns company-wide, ensuring the resolution of findings, and meeting strategic objectives.
• Directly manage 1-2 software security engineers including security interns.
• Identify, scope, prioritize, and often individually execute on high-impact security work.
• Mentor and unblock members of your team and core product software engineers outside the team.
• Architect complex security solutions and contribute to our long term security roadmap.
• Deliver continuous business value through AppSec, DevSecOps and other security project work.
• Act as a trusted point of contact for security questions and issues, owning the process of responding to and ensuring the remediation of security-related inquiries and incidents.
• Monitor industry trends and major security developments, ensuring we're quick to respond.

Benefits

• Remote-First Flexibility: Work from anywhere in the world and choose the hours that suit you best.
• Time to Recharge: Enjoy unlimited PTO, company-wide recharge days, and annual team offsites.
• Everyday Perks: Weekly UberEats credits and travel discounts on SuperTravel.
• Family-Friendly Benefits: Generous parental leave and a flexible return-to-work plan.
• Comprehensive Compensation: Competitive salary, equity options, and top-tier benefits starting on day one.
• Investing in You: Access to wellness budgets, personal development funds, and team-level learning resources.