As one of the first pioneers of earned wage access, our passion at EarnIn is building products that deliver real time financial flexibility for those with the unique needs of living paycheck to paycheck. Our community members access their earnings as they earn them, with options to spend, save, and grow their money without mandatory fees, interest rates, or credit checks. Since our founding, our app has been downloaded over 13M times and we have provided access to $10 billion in earnings.
We’re fortunate to have an incredibly experienced leadership team, combined with world-class funding partners like A16Z, Matrix Partners, DST, and a very healthy core business with a tremendous runway. We’re growing fast and are excited to continue bringing world class talent onboard to help shape the next chapter of our growth journey.
We are looking for a passionate Product Security Engineer who is excited to jump in and help drive security engineering efforts. Join the growing Information Security org at EarnIn as a Sr Product Security engineer if you have hands-on experience securing cloud environments.
You should have a natural sense of curiosity, a propensity for action, and a collaborative and diplomatic approach to problem solving.
This is a remote position. The US base salary range for this full-time position is $160,000 - $288,000 + equity + benefits. Our salary ranges are determined by role, level, and location.
What You'll Do:
- Perform security-focused code reviews.
- Lead application security reviews and threat modeling, including code review and dynamic testing.
- Assist teams in reproducing, triaging, and addressing application security vulnerabilities.
- Lead both critical and regular security releases.
- Lead in development of automated security testing to validate that secure coding best practices are being used.
- Participate and assist in initiatives to holistically address multiple vulnerabilities found in a functional area.
- Develop security training and socialize the material with internal development teams.
- Guide and advise product development teams as SMEs in the area of application security.
- Support and evolve the bug bounty program.
- Evaluate, test, implement and support third party security tools.
What We're Looking For:
- MS or Bachelor in Computer Science or equivalent desired
- 5+ Years of industry experience
- Able to work well with software development teams.
- Experience identifying security issues through code review.
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
- Familiarity with some common security libraries and tools (e.g. static analysis tools, proxying / penetration testing tools).
- Familiarity and ability to explain common security flaws and ways to address them (e.g. OWASP Top 10).
- Basic development or scripting experience and skills. Python and/or Go are preferred.
- A basic understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS, protocols).
- Strong understanding and experience with common security libraries, security controls, and common security flaws.
- Be a subject matter expert (SME) of at least 1 technical area impacting the security of the product.
- Strong experience working closely with developers.
- Experience in the financial services industry preferred