Job details

Security Engineering Lead

Palo Alto, CA or Remote

Gen Z is the generation of the side hustle. They’re creators. ‍ They’re freelancers. ‍ They’re investors. ‍ And they’re not afraid to take on challenges, especially when it comes to their finances - and we’re here for it.

Step is a next-generation financial services company building a better banking experience to help teens and young adults achieve financial independence and knowledge at an earlier age. We’re on a mission to improve the financial future of the next generation by empowering teens to start their financial journey today. Step is a well-funded Series C company that has raised more than $175M, focused on disrupting the banking industry through a differentiated mobile-first consumer experience.

Teens and families love our product. We eclipsed 1 million customers in just four months after launch and have now crossed 2.5 million customers in our first year on the market. If you’re looking to join a fast-growing company with a strong mission and vision that puts people first, we want to meet you!

The role

Information security is paramount in everything we do to protect our customers and employees at Step. We are looking for a Security Engineering Leader to build a team focused on product and corporate information security. If you are interested in helping us build the foundation of the security stack at Step, we would love to talk to you!

What you’ll do

Build the security engineering program going from zero to one.
Your team will assess risks to our customers across a wide range of product and technology areas, including mobile, backend infrastructure, key management, account recovery, third party integrations, authentication, and privacy.
Be the subject matter expert for the entire security stack here at Step, including application security, building thread models, overseeing penetration testing, and effectively balancing security risk with product development initiatives
Identify key security considerations that we need to address as we're growing our products.
Own security-critical systems at Step. Includes but not limited to authentication, access control and encryption services.
Establish secure coding practices across the engineering team.
Work with engineering and XFN teams to help architect solutions that are inherently secure.

What we’re looking for

8+ years relevant work experience in the Information Security field.
Well versed in Cloud Infrastructure and Mobile Application Security.
Experience advising product teams on how to address a broad set of security and privacy challenges.
Experience shipping code in consumer-facing products, preferably across both backend and mobile domains.
Ability to prioritize and communicate impact for the security projects on the Step Engineering roadmap.
A desire to help build the product, not just poke holes in it.