Senior Product Security Engineer
United States
Earnin
EarnIn is an app that gives you access to the pay you've earned - when you want it. Get paid for the hours you've worked without waiting for payday.About Earnin:
As one of the first pioneers of earned wage access, our passion at Earnin is building products that deliver real time financial flexibility for those with the unique needs of living paycheck to paycheck. Our community members access their earnings as they earn them, with options to spend, save, and grow their money without mandatory fees, interest rates, or credit checks. Since our founding, our app has been downloaded over 13M times and we have provided access to $10 billion in earnings.
We’re fortunate to have an incredibly experienced leadership team, combined with world-class funding partners like A16Z, Matrix Partners, DST, and a very healthy core business with a tremendous runway. We’re growing fast and are excited to continue bringing world class talent onboard to help shape the next chapter of our growth journey.
Position Summary:
We are looking for a passionate Product Security Engineer who is excited to jump in and help drive security engineering efforts. Join the growing Information Security org at Earnin as a Sr Product Security engineer if you have hands-on experience securing cloud environments.
You should have a natural sense of curiosity, a propensity for action, and a collaborative and diplomatic approach to problem solving.
This is a remote position.
What You'll Do:
- Perform security-focused code reviews.
- Lead application security reviews and threat modeling, including code review and dynamic testing.
- Assist teams in reproducing, triaging, and addressing application security vulnerabilities.
- Lead both critical and regular security releases.
- Lead in development of automated security testing to validate that secure coding best practices are being used.
- Participate and assist in initiatives to holistically address multiple vulnerabilities found in a functional area.
- Develop security training and socialize the material with internal development teams.
- Guide and advise product development teams as SMEs in the area of application security.
- Support and evolve the bug bounty program.
- Evaluate, test, implement and support third party security tools.
What We're Looking For:
- MS or Bachelor in Computer Science or equivalent desired
- 5+ Years of industry experience
- Able to work well with software development teams.
- Experience identifying security issues through code review.
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
- Familiarity with some common security libraries and tools (e.g. static analysis tools, proxying / penetration testing tools).
- Familiarity and ability to explain common security flaws and ways to address them (e.g. OWASP Top 10).
- Basic development or scripting experience and skills. Python and/or Go are preferred.
- A basic understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS, protocols).
- Strong understanding and experience with common security libraries, security controls, and common security flaws.
- Be a subject matter expert (SME) of at least 1 technical area impacting the security of the product.
- Strong experience working closely with developers.
- Experience in the financial services industry preferred
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Cloud Computer Science OWASP Pentesting Product security Python Scripting TCP/IP Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs