Principal Security Engineer

Engineering · Buffalo, United States · Remote possible

Job description

Who We Are

Imprint is building a next-generation co-branded credit card company to serve America’s great brands. Today our partners include H-E-B, Central Market, Westgate Resorts, and Holiday Inn Club Vacations. Imprint is backed by Kleiner Perkins, Thrive Capital, and Affirm. We are focused on building a brilliant team who want to change payments and who embody Imprint’s Operating Principles.

The Team

The Security Engineering team at Imprint is at the forefront of democratizing access to cutting-edge technologies, empowering teams across our organization to innovate and excel. Driven by our vision to redefine the Fintech landscape, our team is committed to building a secure, highly available infrastructure and arming our engineers with a comprehensive development toolchain, empowering them to bring to life world-class products swiftly.

Your Day-to-Day

  • Develop, update, and maintain threat models and conduct application security reviews for various software projects.
  • Create and implement security policies, guidance, and training programs for employees across all teams.
  • Lead the development of security processes and automated tools to prevent security issues.
  • Collaborate with software developers to ensure secure coding practices and establish a proactive security posture.
  • Partner with engineering teams to continuously improve security processes, priorities, and decisions.
  • Reproduce, triage, and address application security vulnerabilities, leading the team in these efforts.
  • Achieve and maintain compliance with SOC 2 Type II, ISO27001, and PCI DSS standards.
  • Support and manage the bug bounty program.

What we look for

  • 10+ years of application security, including threat modeling and security reviews.
  • 10+ years of cloud security experience in AWS, Azure, or Google Cloud environments.
  • Proven experience and proficiency in developing and implementing security policies, procedures and training programs for multiple medium or large organizations (200+ people).
  • Successfully completing compliance audits for standards such as SOC 2 Type II, ISO27001, and PCI DSS for a large organization.
  • Familiarity with various security tools and technologies, such as static and dynamic analysis tools, intrusion detection/prevention systems, and SIEM platforms.
  • Strong understanding of network security principles and practices.
  • Experience in creating and managing automated security tools and processes.
  • Strong understanding of secure coding practices and experience working closely with software development teams.
  • Proven ability to improve security processes and prioritize security initiatives.
  • Experience with vulnerability management, including reproducing, triaging, and remediating security issues.
  • Strong analytical and problem-solving skills, with the ability to identify and resolve complex security issues.
  • Excellent communication and interpersonal skills, with the ability to explain technical concepts to non-technical stakeholders.
  • Strong sense of ownership, urgency, and drive
  • Bachelor’s Degree in Computer Science, Computer Engineering, Computer Security, Information Systems, or related field.

Nice to have

  • Experience in securing payments-related products
  • Relevant security certifications such as CISSP and CEH.
  • Track record of managing mission-critical, 24x7 production software systems
  • Open-source project experience

Perks & Benefits

  • Competitive compensation and equity packages
  • Leading configured work computers of your choice
  • Paid time off policy
  • Fully covered, high-quality healthcare, including fully covered dependent coverage
  • Additional health coverage includes access to One Medical and the option to enroll in an FSA
  • 16 weeks of paid parental leave for the primary caregiver and 8 weeks for all new parents
  • An understanding that successful remote work requires flexibility and an appreciation for asynchronous work
  • Access to industry-leading technology across all of our business units — stemming from our philosophy that we should invest in resources for our team that foster innovation, optimization, and productivity

Annual salary range: $230-$300k and competitive equity package.

Imprint is committed to a diverse and inclusive workplace. Imprint is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. Imprint welcomes talented individuals from all backgrounds who want to build the future of payments and rewards. If you are passionate about FinTech and eager to grow, let’s move the world forward, together.


Org chart


Teams

This job is not in any teams