Staff Security Engineer

Stash

Stash

IT
United States
Posted on Friday, November 3, 2023

Millions in the U.S. continue to be underserved or ignored by traditional financial institutions. At Stash, an investing app for more than 2 million active subscribers, we are addressing that reality by giving everyday Americans the confidence to take charge of their money and financial future. Our plans—starting at just $3 a month—provide easy and affordable access to a suite of products including investing, banking, education, and advice. Stashers are 18% more financially literate than the average American, and customers rely on Stash’s unique tools, guardrails, and content to learn about money and build wealth for the long-term.

In 2022, we made tremendous steps forward in the Stash customer experience, through the launches of Stash Core, a new banking account experience featuring access to an upgraded Stock-Back® Debit Mastercard®, enhanced customer support, and refreshed benefits, including increased rewards; and expanded access to cryptocurrency through a separate crypto account offering.

Our Talented Team

We are proud to attract phenomenal individuals who share our commitment to unlocking financial opportunity for a new generation of investors. Their unique perspectives, backgrounds, and experiences have helped create a thriving and inclusive culture based on the notion of “Prioritizing People,” a Stash core value.

Let’s solve complex problems and tackle wealth inequality.

We are looking for two Staff Security Engineers to join our team and protect our rapidly expanding web and mobile investment platform. As a Staff Security Engineer, you’ll be responsible for identifying and architecting solutions that will protect Stash customers, employees and our product from attacks.These are hands-on security engineering roles. The ideal candidates will have a strong track record of implementing security technologies in highly regulated and fast-paced environments and will have experience in cloud security, security engineering as well as product and enterprise security.
What You'll Do:
  • Work to protect Stash’s data stores, endpoints, systems, networks, applications, and personnel. Including but not limited to, zero-trust, secrets management, identity management, mobile device posture management, cloud posture management, user behavior analytics, and bot management solutions
  • Improve and maintain Stash’s protective and detective security controls through continuous improvement and automation
  • Working to identify areas of security vulnerabilities and drive cleverly engineered, scalable solutions that improve our defense-in-depth
  • Helping other engineers design more secure systems via design input and code review
  • Enhance the SDLC to incorporate security development best practices, testing and auditing
  • Oversee or perform penetration tests, vulnerability scans and risk assessments on our microservices and infrastructure
  • Be a security subject matter expert and respond to any internal security engineering questions/requests
What We're Looking For:
  • Bachelors in Computer Science or a related discipline or equivalent experience
  • 7+ years proven work experience as a security professional with hands-on experience in multiple security domains including but not limited to Security Architecture, Network Security, Cloud Security, Mobile Security, and Web Security
  • 5+ years experience working with AWS
  • Strong comprehension of secure application development practices
  • Experience with conducting security assessments
  • Software development experience with one of the following languages: Ruby on Rails, Scala, Java, or Go
  • Strong scripting experience in Python and/or Bash
  • Strong experience with Terraform
  • Exceptional written and oral presentation skills
Gold Stars:
  • CISSP, CISM, CEH or other relevant certifications highly desired

#LI-REMOTE


At Stash it is our mission to help everyday Americans invest and build wealth. That includes people of all races, genders, and abilities, so it is important to us to acknowledge and address the issues of inequality in financial services head on.

Diversity and inclusion are essential to living our values, promoting innovation, and building the best products. Our success is directly related to our employees and we believe that our team should reflect the diversity of the customers that we serve. As an Equal Opportunity Employer, Stash is committed to building an inclusive environment for people of all backgrounds.

Helping You Invest in Yourself

  • Comprehensive total rewards package, comprising compensation (base salary, equity, and depending on level, an annual bonus) and health care benefits
  • Complimentary subscription to Stash+ account
  • Remote-first work policy – Live and work where you feel the most productive, whether that is in your home, in an office (including our NYC and London offices), or a combination of both. Anywhere in the US or UK.
  • Equity & Stash Accounts [Invest, Retire, Custodial, Bank]
  • Flexible PTO
  • Annual education reimbursement benefit Learning & Development Fund
  • Work from home equipment stipends
  • Paid Parental Leave ([offerings for birth giving and non-birth giving parents) Primary & Secondary]
  • Enhanced wellness benefits through Gympass, Headspace, Ginger, and Maven Health
  • Stash Gives donation and volunteerism program through Millie, with an annual company match

External Recognition for Stash

  • Comparably's Best Company Awards: Best Places to Work, Best Company Outlook, and Best Engineering Teamfor Diversity, Women, Culture, and more! (20232)
  • Fintech Breakthrough Award: Best Personal Finance App (2023)
  • BuiltIn’s Best Places to Work (2019, 2020, 2021, 2022)
  • Forbes Fintech 50 (2019, 2020, 2021)
  • Best Digital Bank, Finovate Awards (2020)
  • Tearsheet Challenge Awards, Best Banking Card Product - Stock-Back® Card, 2020
  • LendIt Fintech Innovator of the Year (2019 & 2020)
Salary Range: $159,408 - $236,160
The base salary range represents the reasonably anticipated low and high end of the salary range for this position. Actual salaries will vary and will be based on various factors, such as the candidate’s qualifications, skills, experience and competencies, as well as internal equity and alignment with market data for companies of our size and industry.

**No recruiters, please**