Marqeta is growing a Security Engineering team with the goal of setting a new industry standard for security in the payments space. In this role, you will support secure product development for the world’s first modern card issuing platform. 

Marqeta’s Product Security team seeks engineers with expertise in Application Security OR whom have a strong interest in Application Security with domain expertise in core Software Engineering, to support our Product team's capacity to deliver secure products and services.

You will use your domain expertise in software development and vulnerability remediation strategies to help Marqeta’s Engineering org develop industry compliant services, implement security tooling within modern CICD pipelines, develop and deploy secure containerized (ECS, K8s) microservices, and define minimum viable secure products (MVSPs) within a highly regulated space. This role may also support training and security awareness initiatives, with an emphasis on developing healthy partnerships with engineering leadership. The right candidate for this role either is excited to develop a skillset applying modern App Sec and Prod Sec standards into tangible deliverables, or has the background and hands-on experience to do so out of the gate.

As a Lead Prod Sec Engineer, you are responsible for secure by design initiatives in product, threat model validation, coordinating security reviews, and shepherding teams to adopt and implement application security tooling. Marqeta’s Prod Sec Engineers have strong influence within the Product Engineering org, and knowledgeable individuals who can communicate with empathy and act with practicality will do especially well in this role.

Why are we so excited about this new role? Because security is central to our mission “to be the global standard for modern card issuing, empowering builders to bring the most innovative products to the world.” Also, we’re passionate about creating a culture of belonging and inclusion – this includes welcoming a variety of backgrounds, levels and career stages. The requirements listed in our Prod Security Engineer job descriptions are guidelines, not hard and fast rules. If this job intrigues you, but you think you might not meet all of the qualifications, please apply anyway!

Come work alongside a strong and strategically expanding security team and enjoy opportunities to apply your knowledge in new ways.

Product Security Engineering at Marqeta is a remote-first team and headquartered in Oakland, California.

What you'll do

• Build scalable platform services and libraries

• Champion security across engineering

• Develop custom SAST tooling/rules and improve defect detection

• Track and Manage metrics for Prod Security adoption

• Develop new patterns for Threat Modeling and Security Reviews

• Focus on “Shift-Left” initiatives, supporting Marqeta’s Product Engineers

What we're looking for

• Hands on development in Python, GoLang, Java and/or NodeJS

• Experience with IaaC tooling incl but not limited to Terraform or Helm

• Knowledge of AWS Fundamentals 

• Experience coordinating Security initiatives in cross-functional settings

• Background in Application Security, incl experience with SAST, DAST, and SCA

• Experience with Software Engineering Development Workflows, including flavors of CICD

• Ability to map a path forward and drive a project to completion

• Experience with Developing close partnerships with Product Engineers

• Solid grasp of full-stack engineering: front-end/backend, API and service architecture design, web infrastructure and distributed systems

• Pro-Social Behavior

• Excellent communication and collaboration skills

• Employ strong collaboration patterns and enjoy creating positive cross-team dynamics

• Understand ownership and support positive outcomes

• Remain constructive under pressure, with a flexible working style

Nice to have

• Experience building reliable, scaleable software – preferably with SaaS systems

• Experience deploying Golang and Java services at scale

• Knowledge of Identity and Access Management best practices and protocols, such as OAuth, OpenID Connect, SAML, MFA, and SCIM

• Firm understanding of OWASP Top 10, Application Security tooling, and Content Security Policies

• Experience in Payments or Financial Services