Key skills
AWSCloudJavaPythonSDLCGoAIMLGenAISageMakerBedrockLeadershipRisk ManagementRemote WorkNetwork SecurityCloud Security
About this role
Role Overview
- Lead product security engineering for our payment platform—owning threat modeling, security architecture review, secure SDLC practices, and API security across the engineering organization
- Help mature our AI security program developing genAI controls, securing ML pipelines, and working alongside the Model Risk Office for model evaluations.
- Provide security architecture oversight across infrastructure and enterprise security—endpoint, network, VPN, and corporate security controls—ensuring technical standards are coherent across all security domains
- Shape how security engineering scales across the organization through tooling, frameworks, security champions engagement, and engineering partnerships
Requirements
- 10+ years of security engineering experience with demonstrated technical leadership across multiple security domains; or equivalent combination of education and experience
- Deep product security expertise: threat modeling, security architecture review, secure code review, API security, authentication/authorization design, and secure SDLC practices
- Experience with or strong interest in AI/ML security—understanding of risks including adversarial attacks, model poisoning, prompt injection, data privacy, and AI supply chain threats. We want someone who is genuinely excited about AI technology and wants to secure it, not just govern it
- Broad security fluency across infrastructure and enterprise security—endpoint protection, network security, identity, and cloud security—even if your deepest expertise is in application and product security
- Experience working in cloud-native environments (AWS preferred) with familiarity across AI/ML services (Bedrock, SageMaker, etc.)
- Proven ability to build security frameworks, tools, and programs from the ground up
- Strong programming skills in at least one language (Python, Java, Go, or similar) with the ability to read and review code across multiple languages
- Experience with security assessment methodologies and risk management frameworks
- Working knowledge of compliance and control frameworks relevant to financial services (PCI DSS, SOX, SOC2, NIST CSF)
- Ability to communicate complex security risks to both technical and executive audiences.
Tech Stack
- AWS
- Cloud
- Java
- Python
- SDLC
- Go
Benefits
- Multiple health insurance options
- Flexible time off – take what you need
- Retirement savings program with company contribution and after tax contributions
- Equity in a publicly-traded company and an Employee Stock Purchase Program
- Family-forming benefits, fertility support, and up to 20 weeks of Parental Leave
- Free therapy sessions, financial and professional coaching, and legal advice
- Monthly stipend to support our remote work model
- Annual “development dollars” to support our people growth and development
- Through Flex First, the freedom to live and work wherever you and your family thrive