Are you looking to join an innovative organization powering payments for the next generation of fintech and commerce innovators? Marqeta has built the world’s first open API issuer processor platform from scratch, powering prepaid, debit, and credit cards for the most recognizable names in financial technology, alternative lending, on-demand services and e-commerce. Marqeta has become the leader in payment innovation. Our company is comprised of a team of industry experts, a dynamic approach to working on challenging problems, and an open environment and culture that is focused on ideas and innovation.
Not only do we have an inspiring and innovative culture, but only Marqeta can offer you a chance to help redefine the payments industry. As a testament to the company we've collectively built, our world-class team voted Marqeta one of the Bay Area’s Best Places to Work.
Marqeta is proud of its Oakland roots and strives to build a team as diverse as the cities in which we operate. Underrepresented populations are encouraged to apply.
Marqeta is growing a fresh new Infrastructure Security Team with the goal of significantly improving industry standards in Secure Platform and Secure Service Delivery in the Payments space.
As a member of Marqeta’s Infrastructure Security Team, you’re responsible for design, development and implementation of our core platform and network security controls. Your work protects our most critical environments, as well as meets or exceeds the various regulatory compliance standards required in the Payments Industry. This role interfaces directly with Marqeta’s Platform Engineering, SRE, and Network Engineering teams, and is vital to Marqeta’s Product Security Program.
The Sr Infra Sec role supports build and deployment operations and produces reference implementations for secure services and architectures in AWS. You’ll develop new strategies for authorization and access control frameworks, assist Platform and Infrastructure Eng with coherent process around change control, you’ll define secure deployment standards, and you’ll verify and validate internal DevOps practices, toolsets and artifacts.
The ideal candidate for this role has a strong desire to lead the organization in well considered Security Engineering methodologies, is seasoned in either AWS or GCP cloud-based services, has a strong passion for DevOps/SecDevOps/DevSecOps driven patterns, and an excellent ability to communicate across roles, teams and disciplines. You enjoy platform engineering work, and you’re passionate about implementing new security patterns.
Marqeta is remote work positive and this role is offered in the scope of a distributed remote team.
- Build Self Service Tools for Infrastructure, Platform, and SRE Engineers
- Maintain Security Controls in Platform and Infrastructure Services
- Implement and Support End-to-End Transport Security and Proxy Layer Services
- Lead Infrastructure and Platform Design Reviews
- Implement and Maintain Security Patterns in Pre-Release and Post-Release Deployment
- Triage, Respond to and Investigate Security Incidents affecting Platform and Infra Services
- Implement and Maintain Platform and Infrastructure Threat Monitoring and Detection Tools
- Manage and Deploy Services for Security Team
- Mentor Marqeta App Sec, Infra, Platform and SRE Engineers
- Support Quarterly PCI Efforts
- 3-5 yrs Demonstrable and Practical Experience in Systems and Infrastructure Engineering or Comparable Experience in a DevOps Role
- You pride yourself in a holistic approach to your work
- You have a sincere passion for Security Engineering as a discipline
- You’re an excellent communicator
- You employ strong collaboration patterns and enjoy creating positive team dynamics
- You know how to own and support positive outcomes
- You remain constructive under pressure, with a flexible working style
- You have solid experience and consistency with remote work and engaging distributed teams
- Demonstrated experience in some combination of the following disciplines: incident response, detection tooling, vulnerability management, security operations, cloud security, infrastructure security, network security, security tools development
- Experience selecting and implementing tools for SIEM, IDS and vulnerability scanning
- Experience with automating new and existing processes and tools
- Experience with AWS, Java, Python, Ruby, and other modern open source languages and tools
- Functional Development Experience and Proficiency in Python, Go or Ruby
- Functional Experience with Ansible, Terraform and Packer
- Experience with AWS Architecture and Service Deployment
- Experience with Container Technology (Docker, ECS, Kubernetes/K8s)
- Familiarity with Java and JVM based Application Stacks (e.g. Tomcat)
- Strong Knowledge of TLS-based Service Architectures
- Strong Experience with Linux Platforms (CentOS/Ubuntu/Debian/etc)
- Experience with Secure Deployment Specification
- Experience with Production Build Pipelines and CI/CD stacks (Ex. Jenkins, Nexus, Drone CI)
- Strong Interest in Automation Practices
- Experience in Payments or Financial Services
- Experience with Remote Work
- Be a member of an exceptional team - we’re growing and your career and opportunities with us will, too!
- Rich suite of benefit plans - Employee premiums paid 100%
- Generous Paid Time Off plan
- Market-leading fully paid Parental Leave
- Retirement savings - 401k plan with a Company match
- Meaningful Equity
- Bi-annual Hack Weeks to support and reward innovation
- Beautiful downtown Oakland office in a great location, with stunning views of Lake Merritt
- Conveniently located close to public transportation
- Open, transparent culture that includes weekly All Hands meetings, Lunch-and-Learns, all-company offsite, etc.
- Commuter and Parking monthly subsidy
- Access to corporate gym membership rates and other discounts and employee perks!
- Fully stocked kitchen, catered lunches twice a week, breakfast on Fridays, and more!