Principal Security Engineer
Company: Marqeta, Inc.
Posted on: November 23, 2022
At Marqeta, aPrincipal Application Security Engineeron theDetection
and Response Engineering Teamworks closely with development teams,
product managers (PM), and third-party groups (including the paid
bug bounty program) to ensure that Marqeta products are secure.
Joining Marqeta's Security Engineering team means becoming part of
a team who builds technology that will be a force for good. A team
committed to diversity, equality, and inclusion because of a
conviction that every voice holds value. If you're excited to be
part of a winning team, Marqeta is a great place to grow your
career. We will equip you with opportunities that align with your
skills to do the best work.
What you'll do
- Leads and executes complex initiatives that drive problem
- Perform security-focused code reviews
- Support and consult with product and development teams in the
area of application security, including threat modeling and appsec
- Assist teams in reproducing, triaging, and addressing
application security vulnerabilities.
- Support the bug bounty program
- Support the preparation of security releases
- Design and development of security processes and automated
tooling that prevents classes of security issues
- Mentors and coaches team members to further develop
What we're looking for
- You have 15 years of experience with a Minimum of 10 years
previous experience in Security Operations, Software Development,
Application Security team, or relevant education.
- Experience identifying security issues through code
- You have excellent and professional communication skills
(written and verbal) and can articulate complex topics clearly and
- Advanced understanding of application security testing tools
for SAST, DAST, OSA, etc
- You have a solid understanding of common security flaws and the
ability to explain ways to address them (e.g., OWASP Top
- Expert scripting/coding skills in java and other coding
- You strongly understand the Software as a Service (SaaS)
- Advanced understanding of DevOps practices, and CICD
- Hands-on experience architecting, automating, maintaining, and
securing Cloud Computing Platforms - AWS.
- Strong experience with containers and orchestration platforms
(Kubernetes, Mesos, etc.)
- An expert understanding of network and web-related protocols
(such as TCP/IP, UDP, HTTP, HTTPS, protocols).
- Experience with Infrastructure as Code (ex: Terraform,
Nice to haves
- Python, Ruby, and Golang experience are a plus.
- Experience with AWS Serverless application architectures and
development (Lambda, Kinesis, API Gateway, SQS, SNS, S3).
- Experience with Backend DB architectures, Amazon RDS, DynamoDB,
and ElastiCache (Redis / Memcached).
- Experience in the FinTech / Payment industry.
- Experience with regulatory requirements, including
Sarbanes-Oxley, SOC2 type 2, ISO, NIST, and PCI-DSS.
Keywords: Marqeta, Inc., Oakland , Principal Security Engineer, Engineering , Oakland, California
Didn't find what you're looking for? Search again!