Staff Security Engineer - DevSecOps
Remote, USA
Marqeta is on a mission to change the way money moves. We’re one of the earliest enablers of embedded finance, a market opportunity sized up in the trillions. Our card issuing platform provides unprecedented flexibility and control for companies to issue cards, authorize transactions, and manage payment operations in real time. Marqeta is powering the most well known brands in the new economy (Block, Cash App, Affirm, Instacart, Doordash, Uber, Walmart, etc). Today nearly 8 out of 10 Americans use a product powered by Marqeta every week. This is the opportunity of a lifetime to work with innovators around the world and unlock equitable financial access for all.
We are looking for a Staff Security Engineer with a passion for Secure SDLC in Cloud environment and deep expertise in DevSecOps. The ideal candidate will be excited about an opportunity to heavily contribute to the design of architectural strategies and engineer solutions to all aspects of Software Development Life Cycle (SDLC).
We work Flexible First. This role can be performed remotely anywhere within the United States or from our Oakland office. We’d love for you to join us!
What You’ll Do
- Perform and troubleshoot various application security tools into CI/CD pipeline
- Perform spot validations to test an issue/fix
- Perform Design Reviews, Threat Modeling for Marqeta’s products
- Liaison with Bug Bounty programs, developer teams to track issues, provide remediation guidance and testing of the issues/fix
- Provide support to all phases of penetration tests and red team activities, including Scoping, Planning, Communications, and Execution of key activities (Reconnaissance, Vulnerability identification, Exploitation, and Reporting)
- Engagement with Core Engineering leads to ensure timely risk remediation
- Work closely with development teams to ensure that security and infrastructure requirements are included in the design and implementation of applications
- Take a role in the definition of relevant product security architecture strategies, roadmaps, policies, standards, and procedures
- Maintain and update relevant solutions and tooling to support new business requirements while ensuring a consistent, compliant, and central service delivery
- Document operational procedures (such as those for deployments, breakglass plans etc.) as well as current state architecture and configurations
- Provide subject matter expertise to project teams, and other audiences as needed
- Provide on-call rotation support to relevant services and tooling
What We’re Looking For
- You have at least 5+ years …
This job isn't fresh anymore!
Search Fresh JobsJob Profile
Annual bonuses Flexible time off Flexible work environment Salary range
Tasks- Provide Subject Matter Expertise
Analytical AWS CI/CD CI/CD Pipeline Cloud Native technologies DevSecOps Dynamic Analysis Finance Financial Services Go Golang Java Kubernetes Legal ML Operations Payments Penetration Testing Problem-solving Python Security Software Composition Analysis Static Analysis Terraform Threat modeling
Experience5 years
EducationAdvanced degree Bachelor's degree Engineering Finance
Certifications TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9