Security Engineer - Infrastructure (Security Operations)

  • Plaid
  • 580 California St #1400, San Francisco, CA 94104, USA
  • Nov 09, 2020
[Financial Services - Banking/Investment/Finance] [Financial Services - Banking/Investment/Finance]

Job Description

We believe that consumer's and businesses' way of working with their finances will drastically improve in the next few years. Our goal is to build the tools and infrastructure for developers to create this next generation of financial services applications. Today, thousands of companies such as Acorns, Stripe, and Venmo rely on Plaid to integrate with banks and the financial system. Plaid's infrastructure handles millions of requests per day and thousands of bank integrations. We pride ourselves on maintaining an API to support the developers who depend on us and the millions of consumers who use their apps.

The mission of Plaid's Security Operations Team is to secure environments for our employees, development, and services. We achieve this by implementing controls that ensure security in the background, measuring effectiveness and adjusting controls. We also monitor and respond to issues that occur in those environments, address events, and reduce risk exposure.

As a Security Engineer on the Security Operations team, you will implement security around the cloud environments that run our SaaS platform. You will investigate mitigating cloud configuration drifts, work with infrastructure to harden and automate security configurations inside our AWS infrastructure-as-code pipelines, and work with product teams as new cloud services are needed as products grow. Major projects may include building automated remediation tooling, refining vulnerability management or network/event monitoring processes in the cloud, and coordinating with the Corporate Security portion of the SecOps team to standardize response processes and improvements.

We're guided by our principles, including impact, growing together, embracing openness and positivity, and inventing tomorrow; we're looking for leaders motivated by those same principles.

What excites you

  • Secure AWS cloud services and Kubernetes stacks and ensuring their safe usage for development environments
  • Build automation for detecting and responding to security events
  • Work with Infrastructure-as-Code technologies to apply security controls before deployment
  • Investigate solutions to new cloud use cases and product risks
  • Evaluate technologies for improving security defenses
  • Integrate security controls across cloud-native and third-party tools

What excites us

  • Background working in security engineering organizations, protecting AWS or Kubernetes environments
  • History of implementing security best practices across cloud and container stacks
  • Familiarity with working with APIs and coding to integrate data from different security controls
  • Run PoC's for potential new security controls and determine their effectiveness
  • Experience working with Infrastructure teams to develop security into DevOps and Infrastructure-as-Code processes
  • Broad familiarity with security operations topics that affect infrastructure, including identity and access, network, vulnerability, and change management
  • Familiarity with security frameworks and risk-based security programs

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Associated topics: canine detection, countermeasure, loss control, metal detection, patrol officer, public safety, public safety officer, safety report, school, surveillance