Principal Security Engineer
Millions in the U.S. continue to be underserved or ignored by traditional financial institutions. At Stash, an investing app for more than 2 million active subscribers, we are addressing that reality by giving everyday Americans the confidence to take charge of their money and financial future. Our plans—starting at just $3 a month—provide easy and affordable access to a suite of products including investing, banking, education, and advice. Stashers are 18% more financially literate than the average American, and customers rely on Stash’s unique tools, guardrails, and content to learn about money and build wealth for the long-term.
In 2022, we made tremendous steps forward in the Stash customer experience, through the launches of Stash Core, a new banking account experience featuring access to an upgraded Stock-Back® Debit Mastercard®, enhanced customer support, and refreshed benefits, including increased rewards; and expanded access to cryptocurrency through a separate crypto account offering.
Our Talented Team
We are proud to attract phenomenal individuals who share our commitment to unlocking financial opportunity for a new generation of investors. Their unique perspectives, backgrounds, and experiences have helped create a thriving and inclusive culture based on the notion of “Prioritizing People,” a Stash core value.
Let’s solve complex problems and tackle wealth inequality.
- Assist with maturing Stash’s security strategy and infrastructure
- Consult and partner with senior-level stakeholders across the entire engineering department to identify security risks and to optimize the use of security controls, risks controls, and cloud infrastructure
- Implement security solutions across the organization that protect Stash’s data stores, endpoints, systems, networks, applications, and personnel. Including but not limited to, zero-trust, secrets management, identity management, mobile device posture management, cloud posture management, user behavior analytics, and bot management solutions
- Build and mature vulnerability management and incident response
- Improve and maintain Stash’s protective and detective security controls through continuous improvement and automation
- Establish success criteria and metrics for reliable delivery and maintenance of security solutions and technologies
- Working to identify areas of security vulnerabilities and drive cleverly engineered, scalable solutions that improve our defense-in-depth.
- Helping other engineers design more secure systems via design input and code review
- Enhance the SDLC to incorporate security development best practices, testing and auditing
- Ability to balance our security risk and product advancement by clearly communicating risks to both technical and non-technical audiences.
- Be a security subject matter expert and respond to any internal security engineering questions/requests
- Bachelors in Computer Science or a related discipline or equivalent experience
- 12+ years proven work experience as a security professional with hands-on experience in multiple security domains including but not limited to Security Architecture, Network Security, Cloud Security, Mobile Security, and Web Security.
- 7+ years experience working with AWS
- Experience developing and leading incident response and vulnerability management teams
- Strong understanding of secure application development practices
- Experience with conducting security assessments
- Experience with Terraform
- Exceptional written and oral presentation skills
- CISSP, CISM, CEH or other relevant certifications highly desired
At Stash it is our mission to help everyday Americans invest and build wealth. That includes people of all races, genders, and abilities, so it is important to us to acknowledge and address the issues of inequality in financial services head on.
Diversity and inclusion are essential to living our values, promoting innovation, and building the best products. Our success is directly related to our employees and we believe that our team should reflect the diversity of the customers that we serve. As an Equal Opportunity Employer, Stash is committed to building an inclusive environment for people of all backgrounds.
Helping You Invest in Yourself
- Comprehensive total rewards package, comprising compensation (base salary, equity, and depending on level, an annual bonus) and health care benefits
- Complimentary subscription to Stash+ account
- Remote-first work policy – Live and work where you feel the most productive, whether that is in your home, in an office (including our NYC and London offices), or a combination of both. Anywhere in the US or UK.
- Equity & Stash Accounts [Invest, Retire, Custodial, Bank]
- Flexible PTO
- Annual education reimbursement benefit Learning & Development Fund
- Work from home equipment stipends
- Paid Parental Leave ([offerings for birth giving and non-birth giving parents) Primary & Secondary]
- Enhanced wellness benefits through Gympass, Headspace, Ginger, and Maven Health
- Stash Gives donation and volunteerism program through Millie, with an annual company match
External Recognition for Stash
- Comparably's Best Company Awards: Best Places to Work, Best Company Outlook, and Best Engineering Teamfor Diversity, Women, Culture, and more! (20232)
- Fintech Breakthrough Award: Best Personal Finance App (2023)
- BuiltIn’s Best Places to Work (2019, 2020, 2021, 2022)
- Forbes Fintech 50 (2019, 2020, 2021)
- Best Digital Bank, Finovate Awards (2020)
- Tearsheet Challenge Awards, Best Banking Card Product - Stock-Back® Card, 2020
- LendIt Fintech Innovator of the Year (2019 & 2020)
**No recruiters, please**