Security Engineer, Data & Privacy
US Based Remote
Stash
Invest and build wealth with Stash, the investing app helping over 6M Americans invest and save for the future. Start investing in stocks, ETFs and more today.Want to help everyday Americans invest and build wealth? Financial inequality is increasing, and too many people are getting left behind. At Stash, we are passionate about democratizing wealth creation through education, advice, and products that help customers achieve greater financial freedom.
We are looking for Security Engineers to join us and help protect our rapidly expanding web and mobile investment platform. As a Security Engineer, you’ll be a part of the team that identifies and architects solutions that will protect Stash customers, employees, and our product from threats. You will use your creativity and passion for security to create the most secure environment possible at Stash.
We have a number of open roles and are looking for team members with experience in one or more of the following areas: infrastructure and cloud security, data security, application security, trust and safety (customer security), and IT security.
What you’ll do:
- Design and create security controls for Stash including defining security requirements, design, and driving implementation
- Identify and analyze security vulnerabilities, and engineer, scalable solutions that systematically address them in the environment
- Collaborate with Engineering and Product teams on security
- Perform security reviews, threat modeling, and assessments on our environment
- Balance our security risks and business requirements by clearly communicating risks to both technical and non-technical audiences
- Utilize your security expertise to respond to any internal security engineering questions / requests
What we’re looking for:
- Security Engineering experience having designed, planned, and implemented security controls
- A passion for in designing security solutions that will make a difference for millions of Stash customers
- Excellent communication and presentation skills, and ability to work cross functionally with stakeholders
- Prior experience in web / mobile / application development , (DevOps) and / or IT background
- Experience automating tasks through the use of scripting languages such as Python or, Bash
- Experience with conducting security reviews / assessments / threat models and development of remediation plans
- Understanding of public cloud service providers (Amazon Web Services), Containers (Docker / Kubernetes), and development tools such as Git, and CI/CD pipelines
- Understanding of risk management practices
- Understanding of compliance and regulatory requirements i.e. PCI-DSS, GDPR, SOX
- Understanding of Agile, and project management methodologies and tools i.e. JIRA
- Experience securing sensitive data such as Personal Information and Personal Account Numbers (PAN) including using masking / tokenization / encryption, and data loss prevention
At Stash it is our mission to help everyday Americans invest and build wealth. That includes people of all races, genders, and abilities, so it is important to us to acknowledge and address the issues of inequality in financial services head on.
Diversity and inclusion are essential to living our values, promoting innovation, and building the best products. Our success is directly related to our employees and we believe that our team should reflect the diversity of the customers that we serve. As an Equal Opportunity Employer, Stash is committed to building an inclusive environment for people of all backgrounds.
If you require any reasonable accommodations to make your application process more accessible please reach out to recruiting@Stash.com.
Invest in Yourself:
- Equity & Stash Accounts [Invest, Retire, Custodial, Bank]
- Flexible PTO
- Learning & Development Fund
- Work from Home Stipends
- Parental Leave [Primary & Secondary]
Recognition:
- BuiltIn’s Best Places to Work (2019, 2020, 2021)
- Forbes Fintech 50 (2019, 2020, 2021)
- Best Digital Bank, Finovate Awards (2020)
- Tearsheet Challenge Awards, Best Banking Card Product - Stock-Back® Card, 2020
- LendIt Fintech Innovator of the Year (2019 & 2020)
**No recruiters, please**
This position may be performed remotely anywhere within the United States except the State of Colorado.
Tags: Agile Application security Banking Bash CI/CD Cloud Compliance DevOps Docker Encryption FinTech GDPR Jira Kubernetes Privacy Python Risk management Scripting Vulnerabilities
Perks/benefits: Career development Equity Flex vacation Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs