Principal Application Security Engineer

We are seeking an experienced Principal Application Security Engineer who has rich technical experience working in a cloud native, regulated environment. Part hacker, part engineer, you will work with engineering and technology teams to help secure our services and mitigate risks. 
This is a chance for you to work as part of the team that will accelerate Plastiq’s cloud journey. You will work on novel problems at global scale. You will have opportunities to enable our platform’s transformation by designing, developing, and implementing tools, automation, processes, and creating new techniques to move rapidly, reliably build, and deliver a frictionless experience to our customers.   
The position is ideal for a self-starter and quick learner that enjoys working in fast-paced, open and collaborative work environments. If you are a passionate application security engineer that believes deeply in automation and software defined infrastructure that enjoys contributing to best of breed technologies, you may have found a great home with Plastiq.

Your Responsibilites

• Perform secure code reviews and design sessions
• Effect measures to eliminate entire vulnerability classes
• Construct libraries which prevent security issues by design
• Identify areas where our processes may be improved, and when possible, implement improvements
• Collaborate with engineers to help Engineering and Technology balance educated decision making
• Show & tell engineers and PMs on the unexpected behaviors in our services
• Perform proactive research to stay current on security issues, and share that knowledge with Plastiq
• Collaborate with management on program direction, team growth, and on addressing systemic security issues

Your Minimum Experience Requirements

• You have 10+ years of professional software development experience with a minimum of 3+ years in the field of application security or product security
• You are experienced in one or more programming languages as you will work with multiple programming languages daily; we’re building cloud-native micro-services with a component-based frontend written in React.js, and a Node.js backend, which sits in front of our Payments Processing Platform built in Java
• You have existing application security knowledge
• You are capable of working independently while supporting a team environment
• You have the ability to efficiently manage multiple tasks with strong communication skills
• You have experience in cloud native and agile environments and familiarity with open source application security projects

Plastiq's Tech Stack

• Plastiq operates a CI/CD model and releases code to production frequently. We are building cloud-native micro-services with a component-based frontend written in React.js, and a Node.js backend, which sits in front of our Payments Processing Platform built in Java.
• For our testing platforms we use Jest for API & unit backend tests, cypress.io, for frontend testing, and Gitlab for our continuous integration and delivery. 
• Plastiq is powered by data. Our data pipeline continuously streams data to Snowflake via AWS Kinesis so our Data Engineering and Analytics team can produce machine-learning models that help drive our business.

Plastiq is a smart payment platform designed for businesses to better manage their payments and cash flow. The platform lets companies maximize their existing credit, pay in whatever way is best for their business—regardless of what payment methods their recipients accept—and get paid by card without the burden of card acceptance fees. Businesses can pay globally in more than 40 countries, and Plastiq works with all major credit card providers, including Mastercard, Visa, American Express, and Discover. Plastiq has millions of customers and has processed billions in payments for a wide range of expenses, from business supplier payments and contractors to taxes and rent. Plastiq has won a number of awards and recognitions, including being named to the 2020 Forbes FinTech 50 and 2020 Bay Area Best Places to Work by the San Francisco Business Journal.