Posted in

Staff Security Engineer

Staff Security Engineer

CompanyAltruist
LocationSan Francisco, CA, USA
Salary$200000 – $249000
TypeFull-Time
DegreesBachelor’s
Experience LevelSenior, Expert or higher

Requirements

  • 6+ years of experience working as a Security Engineer; at a B2B financial services, fintech, or SaaS organization
  • 6+ years of experience in information security, especially application security, product security, and/or security partnerships
  • Extensive experience with security assessments, security design reviews, or threat modeling
  • Proven track record of working and securing products built and hosted in AWS
  • Strong hands-on experience working with orchestrators such as Kubernetes and Infrastructure as Code (IaC)
  • Deep understanding of the software development process and a desire to find bottlenecks and propose improvements
  • Ability to work with engineers to balance security risks, customer privacy, and business requirements
  • Strong ability to work independently
  • Ideally looking for a B.A. / B.S. degree in relevant fields such as Computer Science or Computer Engineering or Information Security
  • Technologically savvy and can easily get up to speed on modern tech stacks (i.e., Java, Spring, Terraform, Kubernetes, etc.)
  • Superb communication skills
  • Resilience and unwavering determination to achieve success
  • Creative problem-solving skills

Responsibilities

  • Design and implement security controls, tools, and services to enhance the security posture of products and underlying infrastructure
  • Perform technical security assessments, code reviews, and vulnerability testing to identify and mitigate risks in software products
  • Work closely with software engineers to proactively identify and resolve security flaws and vulnerabilities during the development process
  • Engage in threat modeling to anticipate potential security threats and develop strategies to mitigate them
  • Review software designs and implementations to ensure adherence to security best practices and compliance requirements
  • Create and manage tools to collect and process security data, facilitating the detection and response to security incidents
  • Offer security guidance and support to engineers and support staff, promoting secure operational practices
  • Actively monitor systems for attacks and intrusions, responding promptly to security incidents
  • Educate and train development teams on secure coding practices and emerging security threats
  • Keep abreast of the latest security trends, vulnerabilities, and technologies to continuously improve security measures

Preferred Qualifications

  • Practiced Continuous Integration/Continuous Delivery (CI/CD)
  • Domain knowledge of brokerage platforms and financial services
  • General knowledge or working experience or involvement with Generative Artificial Intelligence (Gen AI)
  • Industry-recognized Security or AWS Cloud certifications (e.g., Amazon Certified Security, SANS, CISSP, Security+, etc.)