Make a game-changing next move.

Learn more about the opportunities in Coatue's portfolio.
192
companies
6,825
Jobs

Staff Security Engineer (Product Security)

Stash

Stash

Product
United States · Remote
Posted 6+ months ago

Too many people in the U.S. continue to be left behind by traditional financial services institutions. At Stash, an investing app for more than 2 million active subscribers, we’re on a mission to address that reality by empowering people to invest and build better lives. We’re turning money into a source of hope and opportunity and giving our customers the confidence to take charge of their money and financial future.

It’s an exciting time to be a Stasher! Bolstered by a new slate of world-class leaders and a fresh round of financing, we’re headed into our next phase of growth with momentum. We’ve implemented product enhancements that make it easier for individuals to start their financial journey with us, and operational changes to help us deliver for and support our customers with optimal speed, rigor, and transparency. Also in the past year, Stash launched its groundbreaking back-end infrastructure, Stash Core, allowing the company to exceed 70% in gross margin as it marches towards profitability.

We are looking for two Staff Security Engineers to join our team and protect our rapidly expanding web and mobile investment platform. As a Staff Security Engineer, you’ll be responsible for identifying and architecting solutions that will protect Stash customers, employees and our product from attacks.These are hands-on security engineering roles. The ideal candidates will have a strong track record of implementing security technologies in highly regulated and fast-paced environments and will have experience in cloud security, security engineering as well as product and enterprise security.
What You’ll Do
  • Work to protect Stash’s data stores, endpoints, systems, networks, applications, and personnel. Including but not limited to, zero-trust, secrets management, identity management, mobile device posture management, cloud posture management, user behavior analytics, and bot management solutions
  • Improve and maintain Stash’s protective and detective security controls through continuous improvement and automation
  • Working to identify areas of security vulnerabilities and drive cleverly engineered, scalable solutions that improve our defense-in-depth
  • Helping other engineers design more secure systems via design input and code review
  • Enhance the SDLC to incorporate security development best practices, testing and auditing
  • Oversee or perform penetration tests, vulnerability scans and risk assessments on our microservices and infrastructure
  • Be a security subject matter expert and respond to any internal security engineering questions/requests
Who We’re Looking For
  • Bachelors in Computer Science or a related discipline or equivalent experience
  • 7+ years proven work experience as a security professional with hands-on experience in multiple security domains including but not limited to Security Architecture, Network Security, Cloud Security, Mobile Security, and Web Security
  • 5+ years experience working with AWS
  • Strong comprehension of secure application development practices
  • Experience with conducting security assessments
  • Software development experience with one of the following languages: Ruby on Rails, Scala, Java, or Go
  • Strong scripting experience in Python and/or Bash
  • Strong experience with Terraform
  • Exceptional written and oral presentation skills
Gold Stars
  • CISSP, CISM, CEH or other relevant certifications highly desired

#LI-REMOTE


Our Commitment to Diversity, Equity, and Inclusion

We proudly celebrate the unique qualities that make you you, 365 days a year, and not just because it’s the right thing to do or good for business. We embed the principles and practices of diversity, equity, and inclusion (DEI) into all that we do to prioritize people, a Stash core value, and to ensure Stashers of all backgrounds and experiences can be their authentic selves.

We are also proud to be the first and only venture-backed fintech to join the CEO Action for Diversity & Inclusion™, and as an Equal Opportunity Employer, Stash is committed to building an inclusive environment for people of all backgrounds.

Helping You Invest in Yourself

  • Comprehensive total rewards package, comprising compensation (base salary, equity, and depending on level, an annual bonus) and health care benefits
  • Complimentary subscription to Stash+ account
  • Remote-first work policy – Live and work where you feel the most productive, whether that is in your home, in an office (including our NYC and London offices), or a combination of both, anywhere in the US or UK
  • Flexible PTO
  • Annual learning and development reimbursement benefit
  • Work-from-home equipment stipends; home internet subsidy
  • Paid Parental Leave (offerings for birth giving and non-birth giving parents) Primary & Secondary
  • Enhanced health and wellness benefits through One Medical, Gympass, and Maven Health
  • Opportunities to participate in Stash Gives, our charitable giving and volunteerism program, powered by Millie, with an annual company match

External Recognition for Stash

  • Benzinga’s 2023 Best Brokerage for Beginners and Best Robo-Advisor Awards
  • Qorus-Accenture’s 2023 Banking Innovation Awards
  • USA Today and Statista’s 2023 Top 500 Best Financial Advisory Firms
  • Comparably's Best Company Awards: Best Places to Work, Best Company Outlook, and Best Engineering Team for Diversity, Women, Culture, and more! (2023)
  • Fintech Breakthrough Award: Best Personal Finance App (2023)
  • BuiltIn’s Best Places to Work (2022, 2021, 2020, 2019)
  • Forbes Fintech 50 (2021, 2020, 2019)
  • Best Digital Bank, Finovate Awards (2020)
  • Tearsheet Challenge Awards, Best Banking Card Product - Stock-Back® Card, 2020
  • LendIt Fintech Innovator of the Year (2020, 2019)
Salary Range: $159,408 - $236,160
The base salary range represents the reasonably anticipated low and high end of the salary range for this position. Actual salaries will vary and will be based on various factors, such as the candidate’s qualifications, skills, experience and competencies, as well as internal equity and alignment with market data for companies of our size and industry.

**No recruiters, please**