Qualifications

• Strong programming skills in Java, Python, or similar language, with a focus on writing production code.
• Experience designing or operating secure platforms/B2B APIs at scale, particularly in multi-tenant contexts.
• Background in antifraud systems or authentication for consumer fintech or large platforms.
• Working knowledge of AWS services, including IAM and KMS, and service-to-service authentication.
• Familiarity with modern AI tools to enhance security processes and code quality.
• Excellent written communication skills for creating documents like threat models and security responses.
• Ability to manage an in-house security function while collaborating with external experts.

Responsibilities

• Own the security model for partner-facing APIs, covering various access and abuse prevention techniques.
• Develop a coherent authentication strategy, including advanced authentication methods for sensitive actions.
• Implement device telemetry and behavioral signals essential for fraud prevention and risk management.
• Collaborate with Engineering to ensure security is integrated into architecture before feature launch, through threat models and tradeoff ownership.
• Manage secure SDLC processes, including SAST/DAST and security tooling for engineering teams.
• Work with infrastructure teams to enhance overall security from infrastructure to dependencies.
• Lead incident response for security events, ensuring effective containment and remediation of vulnerabilities.

Benefits

• Meaningful start-up equity
• 100% health, vision & dental primary coverage
• 75% health, vision & dental dependent coverage
• Catered lunches and dinners
• $250/month commuter benefit
• Parental leave
• Team building events
• Flexible PTO with a minimum of 15 days off per year
• 401(k) plan
• Relocation assistance