Product Security Engineer
Description
We believe that the way people interact with their finances will drastically improve in the next few years. We’re dedicated to empowering this transformation by building the tools and experiences that thousands of developers use to create their own products. Plaid powers the tools millions of people rely on to live a healthier financial life. We work with thousands of companies like Venmo, SoFi, several of the Fortune 500, and many of the largest banks to make it easy for people to connect their financial accounts to the apps and services they want to use. Plaid’s network covers 12,000 financial institutions across the US, Canada, UK and Europe. Founded in 2013, the company is headquartered in San Francisco with offices in New York, Washington D.C., London and Amsterdam.
Responsibilities
Build the secure engineering foundations that secure the future of digital finance. Develop maintainable and secure software to enhance Plaid's security posture and create paved roads for developers for easy and default integration of security controls. Design, develop, and maintain security-critical services and components. Develop internal tooling to automate vulnerability detection, dependency management, and remediation workflows within the CI/CD pipeline. Replace manual security gates with engineered solutions that allow product teams to ship faster and more securely. Communicate effectively with managers and team members regarding project deliverables and progress. Design and implement technical solutions that align with the evolving needs of the business. Proactively identify and address security vulnerabilities in products and services. Actively participate in incident response and security awareness initiatives.
Qualifications
2 + years of professional experience building and scaling production services. Ability to architect software systems to meet security, privacy, usability, scalability and cost requirements.
While these experience and characteristics are not prerequisites, candidates who possess them would be well-suited for the role
Experience building systems or services related to vulnerability management, data encryption, key management, secret management, user authentication, service authentication, authorization systems, and security policy enforcement. Experience designing distributed systems and microservices with a focus on performance and reliability. Familiarity with modern cloud infrastructure (AWS, Kubernetes, Terraform) and how to integrate security controls into them. A passion for creating tools and libraries that other engineers love to use. Passionate about educating others on security and privacy.