Jobs
>
San Francisco

    Security Engineer II - San Francisco, United States - NerdWallet

    NerdWallet
    NerdWallet San Francisco, United States

    3 weeks ago

    Default job background
    Description
    We are seeking a Security Engineer II to join our Application Security team.

    The Application Security team enables NerdWallet's mission, to provide clarity for all of life's financial decisions, by taking steps to ensure the products and services we design and build safeguard our user's data and trust.

    In this role, you can expect to partner with technical teams across the company, executing on initiatives that mitigate risk and prevent harm to user trust throughout the lifecycle of products.

    You'll have the opportunity to mature the tools, workflows, and standards that lead to secure software coding practices, while providing a phenomenal developer experience and empowering partners to take ownership of the security posture of their products.

    The right candidate will be eager to help engineers secure their software, have a desire to empower developers, and be a terrific collaborator maturing our security posture in meaningful ways.

    If you would like to develop your security skills in a supportive environment and contribute to maturing an organization's security program, we encourage you to apply
    This role will report to a Business Information Security Officer.
    If you were here 6 months ago, here are some things you might have worked on:

    Designed and Implemented a secret scanner in the CI/CD
    Helped triage and respond to security events and findings identified by various application security tools
    Rolled out a Content-Security-Policy response header for various applications
    Where you can make an impact:

    Help scale our application security program through automation and developer empowerment
    Influence engineering and product partners to remediate security gaps across multiple functional areas while balancing company and security needs
    Build tools and processes to drive greater security posture visibility for leadership
    Review developer pull requests for adherence to security best practices
    Support operational work in response to security incidents

    You are:
    Familiar with industry standards, risk mitigation techniques, and new developments within application security, e.g. OWASP Top 10
    Pragmatic in your approach to reducing risk in a manner that incorporates business and product needs that balances time and risk reduction
    Asking questions, seeking guidance, and soliciting feedback when clarification is needed about assigned work or discussion topics
    Continuously training to understand application security fundamentals and goals for a company
    Committed to fostering a respectful, blameless, and collaborative work environment and are receptive to constructive feedback from peers and mentors

    Your experience:
    We recognize not everyone will meet all of the criteria.

    If you meet most of the criteria below and you're excited about the opportunity and willing to learn, we'd love to hear from you.

    2+ years of experience in a professional application security engineering role and experience developing software deployed in a cloud environment, especially AWS
    Identified, triaged, and remediated security vulnerabilities
    Proficient in Python
    Comfortable reading JavaScript
    Comfort with learning new languages as needed

    Where:
    This role is remote, based in the U.S.
    We believe great work can be done anywhere. No matter where you are based, NerdWallet offers benefits and perks to support the physical, financial, and emotional well being of you and your family

    What we offer:
    Work Hard, Stay Balanced (Life's a series of balancing acts, eh?)
    Industry-leading medical, dental, and vision health care plans for employees and their dependents
    Rejuvenation Policy – Flexible Time Off + 13 holidays + 4 Mental Health Days Off
    New Parent Leave for employees with a newborn child or a child placed with them for adoption or foster care
    Mental health support through Headspace
    Financial wellness, guidance, and unlimited access to a Certified Financial Planner (CFP) through Northstar
    Paid sabbatical for Nerds to recharge, gain knowledge and pursue their interests
    Health and Dependent Care FSA and HSA Plan with monthly NerdWallet contribution
    Weekly Virtual Bootcamp, Yoga, and Mindfulness Meditation sessions
    Monthly Wellness Stipend, Cell Phone Stipend, and Wifi Stipend
    Have Some Fun (Nerds are fun, too)
    Nerd-led group initiatives – Intramural Sports, Employee Resource Groups for Parents, Diversity and Inclusion, Women, LGBTQIA, and other communities
    Hackathons, Happy Hours, and team events across all teams and departments
    Company-wide events like Little Nerds Day (aka bring your kids to work day, even if you're remote) and our annual Charity Auction
    Lifestyle (Be your best self - we'll take care of the details)
    Our Nerds love to make an impact by paying it forward – Donate to your favorite causes with a company match
    Work from home equipment stipend and co-working space subsidy
    Anniversary recognition program – choose from different items and experiences
    Commuting stipend
    Plan for your future (And when you retire on your island, remember the little people)
    401K with company match
    Annual Enrichment Stipend for learning and development
    Be the first to test and benefit from our new financial products and tools
    Access to Rocket Lawyer for online legal support and resources
    If you are based in California, we encourage you to read this important information for California residents linked here.
    NerdWallet is committed to pursuing and hiring a diverse workforce and is proud to be an equal opportunity employer.

    We prohibit discrimination and harassment on the basis of any characteristic protected by applicable federal, state, or local law, so all qualified applicants will receive consideration for employment.

    NerdWallet will consider qualified applicants with a criminal history pursuant to the California Fair Chance Act and the San Francisco Fair Chance Act, which requires this notice.

    NerdWallet participates in the Department of Homeland Security U.S. Citizenship and Immigration Services E-Verify program for all US locations.


    For more information, please see:
    E-Verify Participation Poster (English+Spanish/Español)

    Right to Work Poster (English) / (Spanish/Español)

    #LI-DNI
    #LI-Remote
    #LI-3


    Base pay offered may vary within the posted range based on several factors, including but not limited to education, job-related knowledge, skills, experience, and location.

    The pay range for this role is $110,000—$166,000 USD
    #J-18808-Ljbffr
  • Vouch

    Security Engineer

    3 weeks ago

    Vouch San Francisco, United States

    [Full Time] Security Engineer at Vouch (United States) | BEAMSTART Jobs · Security Engineer · Vouch United States · Date Posted · 04 Jan, 2023 · Work Location · San Francisco, United States · Salary Offered · $145000 — $165000 yearly · Job Type · Full Time · Experience Required ...

  • Figma

    Security Engineer

    3 days ago

    Figma San Francisco, United States

    Figma is growing our team of passionate people on a mission to make design accessible to all. Born on the Web, Figma helps entire product teams brainstorm, design and build better products - from start to finish. Whether it's consolidating tools, simplifying workflows, or collabo ...

  • Asana

    Security Engineer

    1 week ago

    Asana San Francisco, United States

    We're looking for a motivated security engineer interested in maturing Asana's product security posture to expand trust with our growing customer base. As a member of the Product Security team, you will focus on shipping features that are free from critical security bugs, enablin ...

  • Notion, LLC

    Security Engineer

    4 days ago

    Notion, LLC San Francisco, United States

    About Us: · We're on a mission to make it possible for every person, team, and company to be able to tailor their software to solve any problem and take on any challenge. Computers may be our most powerful tools, but most of us can't build or modify the software we use on them e ...

  • Integriti Group Pvt Ltd

    Security Engineer

    1 day ago

    Integriti Group Pvt Ltd San Francisco, United States

    Key Responsibilities: · Cloud Security Architecture: Design and implement comprehensive security architectures for cloud-based applications and services, ensuring adherence to best practices and compliance requirements.New Relic Integration: Utilize New Relic or other tools to m ...

  • Amazon Development Center U.S., Inc.

    Application Security Engineer

    2 days ago

    Amazon Development Center U.S., Inc. San Francisco, United States Full time

    Go beyond protecting Amazon Web Services (AWS) and have a direct impact on new cutting-edge initiatives at Amazon. Work across multiple security domains as well as strategic security partnerships. Since 2006, our great team at AWS has been enabling our customers to bring great id ...

  • Dropbox

    Security Engineer, Detection

    2 weeks ago

    Dropbox San Francisco, United States

    Role Description · The Detection and Response Team (DART) is looking for a Security Engineer with experience performing detection, incident response, security engineering, and maintaining operationally excellent systems. You will operate and build the tools and detections to cat ...

  • TREE House

    Security Engineer, Product Security

    2 days ago

    TREE House San Francisco, United States

    We're looking for a motivated security engineer interested in maturing Asana's product security posture to expand trust with our growing customer base. As a member of the Product Security team, you will focus on shipping features that are free from critical security bugs, enablin ...

  • Stefanini North America and APAC

    Application Security Engineer

    2 weeks ago

    Stefanini North America and APAC San Francisco, United States

    3+ years of experience in application security or related field. · Strong understanding of application security principles, OWASP Top 10, and common attack vectors and experience with secure coding practices and security testing tools (SAST, DAST, IAST) · Hands-on experience with ...

  • Encore IT Solutions

    Security Engineer

    1 day ago

    Encore IT Solutions San Francisco, United States Permanent

    Role: Security EngineerLocation: Remote WORKING IN USA FOR MORE THAN 7 YEARS -Integrating various platforms with CyberArk, such as different LDAP providers, Windows servers, UNIX servers, Databases and networking client's Privileged Access Management solution based on CyberArk te ...

  • Motion Recruitment

    Security Engineer 1

    4 days ago

    Motion Recruitment San Francisco, United States

    A large enterprise social network is hiring a Security Engineer I to join the Security Team based in office in San Francisco with work from home flexibility. · The Security Engineer will be responsible for reviewing and processing security related requests including Access Manag ...

  • Clever

    Senior Security Engineer

    3 weeks ago

    Clever San Francisco, United States

    Founded by educators and technologists passionate about improving education, Clever is on a mission to unlock new ways to learn for all students. Already used by more than 75% of U.S. K-12 schools, Clever brings all applications into one secure portal and provides single sign-on ...

  • Lakera AG

    Senior Security Engineer

    2 days ago

    Lakera AG San Francisco, United States

    As our first dedicated · Senior Security Engineer, · you'll have a significant impact at a rapidly growing startup. We've built a small security program including SOC2 certification, but it's time for someone dedicated to lead that. Your role will vary, from implementing securi ...

  • Hayden AI Technologies, Inc

    Senior Security Engineer

    3 weeks ago

    Hayden AI Technologies, Inc San Francisco, United States

    About Us · At Hayden AI, we are on a mission to harness the power of artificial intelligence and machine learning to transform the way governments and businesses address real-world challenges. · From optimizing bus lane and bus stop enforcement to pioneering digital twin modeli ...

  • Randstad North America, Inc.

    Information Security Engineer

    1 day ago

    Randstad North America, Inc. San Francisco, United States

    Randstad Digital is hiring and we're looking for someone like YOU to join our team If you are seeking a new opportunity, looking to grow in your career, or you know someone who is - we want to hear from you Take a look at the below opportunity, or Security Engineer, Security, Inf ...

  • Motion Recruitment

    Information Security Engineer

    2 days ago

    Motion Recruitment San Francisco, United States

    Information Security Engineer · San Francisco, CA · Hybrid · Contract · $61.53/hr - $69.33/hr · Outstanding long-term contract opportunity A well-known Financial Services Company is looking for a Information Security Engineer in San Francisco (Hybrid). · Work with the brigh ...

  • OpenAI

    Enterprise Security Engineer

    3 weeks ago

    OpenAI San Francisco, United States

    About the Team · Within the OpenAI Security organization, our IT team ensures that our diverse team of researchers, engineers, and staff have the tools they need to work comfortably, securely, and with minimal interruptions. As an Enterprise Security Engineer, you will work in a ...

  • TaxBit

    Principal Security Engineer

    3 days ago

    TaxBit West Valley City, United States

    Company · Founded in 2018 by CPAs, tax attorneys, and software developers, TaxBit is creating an entirely new category to enable widespread compliant adoption of digital assets for the global economy. TaxBits Software-as-a-Service (SaaS) platform streamlines and automates custom ...

  • Unit21

    Application Security Engineer

    1 week ago

    Unit21 San Francisco, United States

    About Unit 21: · Unit21 protects businesses against adversaries engaging in money laundering, fraud, and other sophisticated risks by offering a no-code toolset to model, detect, and remediate suspicious activity. We are backed by investments from Google, Tiger Global, ICONIQ, D ...

  • Electrosoft Services, Inc.

    Cybersecurity Engineer with Security Clearance

    5 days ago

    Electrosoft Services, Inc. San Francisco, United States Permanent

    Zero Trust Cybersecurity Engineer Responsibilities and Duties: · • Closely collaborating with customers (both executive and technical audiences), our company, and our partners to: · • Perform Zero Trust security readiness assessments (e.g. gap analyses, maturity assessments and ...