Senior Security Engineer IV (Remote)
Want to help everyday Americans invest and build wealth? Financial inequality is increasing, and too many people are getting left behind. At Stash, we are passionate about democratizing wealth creation through education, advice, and products that help customers achieve greater financial freedom.
We have open roles for Senior Security Engineers to join us and help protect our rapidly expanding web and mobile investment platform.
You’ll be a part of the team that identifies and architects solutions that will protect Stash customers, employees, and our product from threats. You will use your creativity and passion for security to secure Stash.
We are looking for team members with experience in designing and implementing solutions in one or more of the following areas: data security, application security, customer security, IT security and cloud security.
What you’ll do:
- Design and create security controls for Stash including defining security requirements, design, and driving implementation
- Identify and analyze security vulnerabilities, and engineer, scalable solutions that systematically address them in the environment
- Collaborate with Engineering and Product teams on security
- Perform security reviews, threat modeling, and assessments on our environment
- Balance our security risks and business requirements by clearly communicating risks to both technical and non-technical audiences
- Utilize your security expertise to respond to any internal security engineering questions / requests
What we’re looking for:
- 5 years of Security Engineering experience having designed, planned, and implemented security controls
- A passion for designing security solutions that will make a difference for millions of Stash customers
- Excellent communication and presentation skills, and ability to work cross functionally with stakeholders
- Prior experience in web / mobile / application development and / or IT background
- Experience automating tasks through the use of scripting languages such as Python or, Bash
- Experience with conducting security reviews / assessments / threat models and development of remediation plans
- Experience with data analysis and analytics to derive insights and drive action
- Understanding of public cloud service providers (Amazon Web Services), Containers (Docker / Kubernetes), and development tools such as Git, and CI/CD pipelines
- Understanding of risk management practices
- Understanding of compliance and regulatory requirements i.e. PCI-DSS, GDPR, SOX
- Understanding of Agile, and project management methodologies and tools i.e. JIRA
*No recruiters please*
To apply for this job please visit grnh.se.