Hummingbird is a remote-first, fully distributed team united by the shared mission of helping fight financial crime. Since our launch in 2017, we’ve helped major financial institutions and tech-savvy trailblazers alike (e.g. Stripe, Affirm,, etc.) orchestrate their compliance programs through our thoughtfully designed, intuitive SaaS product. We believe finding and stopping financial crime is a problem rooted in code, language and design, so we built the product that the heroes doing this work deserve.

We are customer-obsessed, and we love building and shipping great products. We set a high bar, challenge our assumptions, seek diverse opinions, and support each other to do our best work.

We do our best to write inclusive, descriptive and accurate job descriptions, but we’re not always perfect. If you’re interested in the role, we’d love to hear from you even if you don’t feel like you meet everything we’re looking for. We’re always iterating and improving, and it’s possible that your experience is even more impactful than we could have imagined!

About the role

Our product sits at the intersection of financial technology, data science, security, policy, law enforcement, and design. We operate in a high security, high stakes environment, working with some of the most sensitive data you can imagine. Given this environment, our product team has held "Security First" as a value since our founding.

Your responsibilities will be broad. They will include source code auditing, developing threat models, reviewing technical design documentation, and finding ways to empower engineering teams to build secure software by default. You must have a strong ability to work with colleagues to understand our products and then develop ways to improve existing security infrastructure. Our security engineers must also be builders: designing and implementing tools and systems that keep our company safe and successful. Given this broad scope, you will also need to prioritize your own work and communicate your priorities and goals to management.

What you're looking to do:

  • Support Hummingbird as we navigate the security landscape.
  • Assess, define, and continuously improve Hummingbird’s security posture, policies, and procedures.
  • Help to create a paranoid, security conscious culture across the organization.
  • Develop systems and features that support a secure product and infrastructure.
  • Conduct code reviews & give input on product definition and product design docs.
  • Work with a small, passionate, and experienced team: We're still a small team of mostly senior engineers, and we love to do quality work together. We're fully remote, and we make a strong effort to prioritize, design, and code collaboratively
  • Influence the product roadmap and strategy: Great ideas come from everywhere. Everyone on the team has a voice in strategy discussions, and is trusted to make significant decisions
  • Have the opportunity to grow into leadership: Hummingbird is growing rapidly. As we do, there will be opportunities for all engineers to take on new roles in product, technology, or people leadership positions
  • Report directly to the CTO and partner with them to influence broader technology and security strategy

What we’re looking for:

  • 5+ years working in security with experience in AppSec.
  • A learning, growth mindset, regardless of level or experience.
  • Experience coding in Python, Ruby, and/or Javascript.
  • Strong communication skills. You will be working closely with senior engineering teams and will need the ability to influence and educate.
  • Passion for what we do! Hummingbird’s mission is to fight financial crime, and we center our work around enabling our clients to catch the bad guys.
  • Someone who knows what good looks like - our ideal candidate has strong opinions, loosely held, on how to build, scale, and own an information security practice area
  • Ideally you've worked both in security and as a systems/software engineer. We need you to bridge the gap.
    Experience working in the enterprise SaaS world is a plus, but certainly not required.

Technologies we use and teach:

  • Ruby/Rails
  • React, JavaScript, TypeScript, d3
  • AWS, PostgreSQL, Redis, ElasticSearch


We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please don't hesitate to contact us to request accommodation.

Apply for this Job

* Required
resume chosen  
(File types: pdf, doc, docx, txt, rtf)
cover_letter chosen  
(File types: pdf, doc, docx, txt, rtf)