This job is expired We're automatically mark job as expired after 180 days of its inactivity

Job details

Principal Security Engineer

Who we are

Albert is a new type of financial service that uses powerful technology to automate your finances, with a team of human experts to guide you. Albert saves and invests automatically for you, helps you avoid overdrafts, finds savings you’re missing, identifies bills you’re overpaying, and much more. Text Albert a financial question, and our geniuses won’t just offer guidance — they’ll help you take action.

We're an LA-based startup with a proven business model, backed by top-tier institutional investors and with over 11 million users who have trusted Albert to help them achieve their financial goals. We're on a mission to democratize money management through our simple, beautifully designed product, and we're looking for thoughtful, talented people to join us on our journey.

About the role

Security is core to Albert’s mission and critical to how we build our products from inception and design to deployment in the cloud. This role will help Albert maintain security at speed and scale. This Principal Security Engineer will help us deliver on our mission by helping to design, build, deploy, and maintain secure products. As a key member of our team, this role will work closely with the Product and Engineering teams performing core application security practices like threat modeling, design review, secure code reviews, and security testing while continuously improving our SDLC.

Things you're good at

Ownership: Dive in and take ownership of activities like code security reviews, threat modeling, static and dynamic security testing, and conducting security training for developers.
Architecture: Provide application security guidance and oversight across Engineering and Product teams.
Organization: Work across various layers of our company in an inspired, efficient way. Provide hands-on remediation guidance to teams across the organization.
Prioritization: Prioritize initiatives to demonstrate alignment with our business strategy and value propositions. Communicate priorities and drive consensus on the path forward. Identify, prioritize, and promote security practices that create the most impact in reducing overall security risk of our applications.
Collaboration: We bring out the best in each other. We're looking for people who will bring out the best in all of us. This role should seek to influence the design and implementation of upcoming products and services with security and privacy design in mind.

Responsibilities

Automate security testing to improve our SDLC workflow
Help write secure applications and services through design, development, and implementation of secure software development practices
Security code reviews to ensure the protection of customer information
Collaborate and advise engineering teams on building authentication, authorization, and encryption solutions
Support of security enhancement and development
Evaluate our infrastructure for risks and security vulnerabilities
Perform vulnerability testing, risk analysis, and security assessments
Ensure that identified issues are prioritized and addressed in an appropriate time frame
Develop and report metrics measuring the state of the security program
Research emerging technologies and maintain awareness of current security risks
Help to develop security training and education for our software engineers

Requirements

Bachelor's Degree
Minimum 5 years of experience in the information security field
In-depth knowledge of mobile, backend, and web application vulnerabilities and ability to articulate impacts to technical and business teams
Experience with performing threat modeling and designing secure mobile application architecture
Working knowledge of OWASP projects
Proficiency in Python
Experience with creating and supporting a Secure Software Development Lifecycle (SSDLC)
Experience with dynamic and static web application testing tools
Strong knowledge of securing cloud infrastructure (ie. AWS, GCP)

Benefits

Competitive salary and meaningful equity
Health, vision and dental insurance
Meals provided
Monthly wellness stipend
401k match

#BI-Remote

Note to applicants: Remote in the US is ok. We are not currently hiring in CO.

Job Applicants California Privacy Notice

This California Privacy Notice applies to personal information of California job applicants that Albert collects and processes as it relates to the submission of a job application.

Albert (CA) Glassdoor Company Review

3.6