Who is Credible?
We believe life’s changes create financial needs for people and that the traditional financial system often puts up unnecessary obstacles. People celebrate major milestones like going to college, getting married, and buying a home. And most of the time, these milestones come with financial implications.
At Credible, we have built a company with the mission of bringing transparency, choice, simple processes and savings to accessing credit for life’s important moments. What you see is what you get. We are committed to being upfront, honest, and clear about your options. There are no mysteries, no hidden fees, and no secret clauses.
Credible is a fast-growing Fintech company that has world class management, has raised multiple rounds of funding, is generating significant revenue and is disrupting the lending market and helping people save money and get out of debt faster.
About the Role:
We are looking for an Application Security Engineer to spearhead secure-by-design initiatives and deep product partnership. We build strong relationships with other teams and empower them to build secure software. This includes reviewing early-stage designs, developing threat models, and scaling impact by curating security patterns, guidance and training. If you’re a builder that enjoys working with cutting edge technologies, we’d love to hear from you!
- Penetration testing: Hunt for security issues within our applications via internal pen tests.
- Code reviews: Discover weakness in our code before it reaches production.
- Bug Bounty Program: Help design Credible’s Bug Bounty Program and be involved in submission triage (and remediation).
- Secure Software Development Lifecycle: Implement automated tooling (e.g. SAST, DAST, IAST) within our SDLC.
- Software Development: Write Python code to automate various security controls and processes.
- Security Champions Program: Scale security at Credible by training security-minded developers.
- Collaboration with the DevOps Team: Pair with members of the DevOps Team to mitigate Application Security risks in Kubernetes (and AWS). (No previous AWS or Kubernetes knowledge required.)
Education and Experience:
- Bachelor’s or Master’s degree in Computer Science or related field
- Willingness to onboard yourself onto a modern tech stack (e.g., GraphQL, microservice auth leveraging AWS Cognito, Kubernetes)
- 3+ years in an Application Security role
- 3+ years of development experience
- Knowledge of Application Security fundamentals (e.g., OWASP Top 10)
- Knowledge of Application Security risks within containerized and cloud environments
- Problem solving skills and the ability to work under pressure
- Self-starter with strong interpersonal, communication, and collaboration skills
Why work at Credible?
We are a fast moving, fun-loving, seriously smart group of people who really care about impacting the lives of our customers. We empower our employees to make decisions, take risks, drive our business and make changes when we don’t get it right. These are our values:
- Exceed Customer Expectations: We provide an exceptional experience to each and every customer that compels them to share it with others.
- Take Ownership: We are trusted to make decisions that are in the best interests of our customers and our business. We think and act like owners. We care – and that makes all the difference.
- Be Curious: We are curious, ask questions, seek to understand and try new things.
- Do the Right Thing: We earn trust by being transparent, respectful and honest with each person with whom we interact.
- Get Results: Results fuel our excitement and we know how our personal accomplishments tie to the success of the company.
- Be Bold: We are courageous and take risks that scare us. Our enthusiasm for experimenting is how we will find the next breakthrough.
Our benefits: We offer competitive compensation, generous benefits, free food and a flexible vacation policy.
But mainly, you want to work at Credible because you believe in our mission and want to have a major role in delivering on it! We look forward to getting to know you.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.