Are you looking to join an innovative organization powering payments for the next generation of fintech and commerce innovators? Marqeta has built the world’s first open API issuer processor platform from scratch, powering prepaid, debit, and credit cards for the most recognizable names in financial technology, alternative lending, on-demand services and e-commerce. Marqeta has become the leader in payment innovation. Our company is comprised of a team of industry experts, a dynamic approach to working on challenging problems, and an open environment and culture that is focused on ideas and innovation.

Not only do we have an inspiring and innovative culture, but only Marqeta can offer you a chance to help redefine the payments industry. As a testament to the company we've collectively built, our world-class team voted Marqeta one of the Bay Area’s Best Places to Work.

Marqeta is proud of its Oakland roots and strives to build a team as diverse as the cities in which we operate. Underrepresented populations are encouraged to apply. 

We are not expecting any single candidate to have an expertise under all areas of our requirements section. Please apply if you meet some but not all of the requirements.

Position Summary

Marqeta is growing a fresh new Infrastructure Security Team with the goal of significantly improving industry standards in Secure Platform and Secure Service Delivery in the Payments space.

As a member of Marqeta’s Infrastructure Security Team, you’re responsible for design, development and implementation of our core platform and network security controls. Your work protects our most critical environments, as well as meets or exceeds the various regulatory compliance standards required in the Payments Industry. This role interfaces directly with Marqeta’s Platform Engineering, SRE, and Network Engineering teams, and is vital to Marqeta’s Product Security Program.

The Sr Infra Sec role supports build and deployment operations and produces reference implementations for secure services and architectures in AWS. You’ll develop new strategies for authorization and access control frameworks, assist Platform and Infrastructure Eng with coherent process around change control, you’ll define secure deployment standards, and you’ll verify and validate internal DevOps practices, toolsets and artifacts.

The ideal candidate for this role has a strong desire to lead the organization in well considered Security Engineering methodologies, is seasoned in either AWS or GCP cloud-based services, has a strong passion for DevOps/SecDevOps/DevSecOps driven patterns, and an excellent ability to communicate across roles, teams and disciplines. You enjoy platform engineering work, and you’re passionate about implementing new security patterns.

Marqeta is remote work positive and this role is offered in the scope of a distributed remote team.

Primary Responsibilities

  • Build Self Service Tools for Infrastructure, Platform, and SRE Engineers
  • Maintain Security Controls in Platform and Infrastructure Services
  • Implement and Support End-to-End Transport Security and Proxy Layer Services
  • Lead Infrastructure and Platform Design Reviews
  • Implement and Maintain Security Patterns in Pre-Release and Post-Release Deployment
  • Triage, Respond to and Investigate Security Incidents affecting Platform and Infra Services
  • Implement and Maintain Platform and Infrastructure Threat Monitoring and Detection Tools
  • Manage and Deploy Services for Security Team
  • Mentor Marqeta App Sec, Infra, Platform and SRE Engineers
  • Support Quarterly PCI Efforts


  • 3-5 yrs Demonstrable and Practical Experience in Systems and Infrastructure Engineering or Comparable Experience in a DevOps Role
  • You pride yourself in a holistic approach to your work
  • You have a sincere passion for Security Engineering as a discipline
  • You’re an excellent communicator
  • You employ strong collaboration patterns and enjoy creating positive team dynamics
  • You know how to own and support positive outcomes
  • You remain constructive under pressure, with a flexible working style
  • You have solid experience and consistency with remote work and engaging distributed teams
  • Demonstrated experience in some combination of the following disciplines: incident response, detection tooling, vulnerability management, security operations, cloud security, infrastructure security, network security, security tools development
  • Experience selecting and implementing tools for SIEM, IDS and vulnerability scanning
  • Experience with automating new and existing processes and tools
  • Experience with AWS, Java, Python, Ruby, and other modern open source languages and tools

Technical Skills

  • Functional Development Experience and Proficiency in Python, Go or Ruby
  • Functional Experience with Ansible, Terraform and Packer
  • Experience with AWS Architecture and Service Deployment
  • Experience with Container Technology (Docker, ECS, Kubernetes/K8s)
  • Familiarity with Java and JVM based Application Stacks (e.g. Tomcat)
  • Strong Knowledge of TLS-based Service Architectures
  • Strong Experience with Linux Platforms (CentOS/Ubuntu/Debian/etc)
  • Experience with Secure Deployment Specification
  • Experience with Production Build Pipelines and CI/CD stacks (Ex. Jenkins, Nexus, Drone CI)
  • Strong Interest in Automation Practices

Bonus Qualifications

  • Experience in Payments or Financial Services
  • Experience with Remote Work


  • Be a member of an exceptional team - we’re growing and your career and opportunities with us will, too!
  • Rich suite of benefit plans - Employee premiums paid 100%
  • Generous Paid Time Off plan
  • Market-leading fully paid Parental Leave
  • Retirement savings - 401k plan with a Company match
  • Meaningful Equity
  • Bi-annual Hack Weeks to support and reward innovation
  • Beautiful downtown Oakland office in a great location, with stunning views of Lake Merritt
  • Conveniently located close to public transportation
  • Open, transparent culture that includes weekly All Hands meetings, Lunch-and-Learns, all-company offsite, etc.
  • Commuter and Parking monthly subsidy
  • Access to corporate gym membership rates and other discounts and employee perks!
  • Fully stocked kitchen, catered lunches twice a week, breakfast on Fridays, and more!


Apply for this Job

* Required

File   X
File   X

U.S. Equal Opportunity Employment Information (Completion is voluntary)

Individuals seeking employment at Marqeta are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements.

Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Form CC-305

OMB Control Number 1250-0005

Expires 1/31/2020

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

Because we do business with the government, we must reach out to, hire, and provide equal opportunity to qualified people with disabilities1. To help us measure how well we are doing, we are asking you to tell us if you have a disability or if you ever had a disability. Completing this form is voluntary, but we hope that you will choose to fill it out. If you are applying for a job, any answer you give will be kept private and will not be used against you in any way.

If you already work for us, your answer will not be used against you in any way. Because a person may become disabled at any time, we are required to ask all of our employees to update their information every five years. You may voluntarily self-identify as having a disability on this form without fear of any punishment because you did not identify as having a disability earlier.

How do I know if I have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

  • Blindness
  • Deafness
  • Cancer
  • Diabetes
  • Epilepsy
  • Autism
  • Cerebral palsy
  • Schizophrenia
  • Muscular dystrophy
  • Bipolar disorder
  • Major depression
  • Multiple sclerosis (MS)
  • Missing limbs or partially missing limbs
  • Post-traumatic stress disorder (PTSD)
  • Obsessive compulsive disorder
  • Impairments requiring the use of a wheelchair
  • Intellectual disability (previously called mental retardation)
Reasonable Accommodation Notice

Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

1Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.