Product Security Engineer

Remote, New York, United StatesHybridFull TimePosted 2 months agoVisa sponsorship available

Is this role right for you?

Upload your resume and get a skill-by-skill breakdown — see exactly where you match, where you're close, and what to highlight. Not a mystery percentage.

Get a tailored resume highlighting what this role needs.

Role summary

Plaid is seeking a Product Security Engineer who is a strong builder, focused on developing production-grade services, libraries, and frameworks to solve security challenges at scale. This role involves building and maintaining the vulnerability management orchestration service, automating workflows, and creating solutions to eliminate entire classes of vulnerabilities. The engineer will partner with product teams, support incident response and security awareness, and collaborate with the security platform organization to embed secure development practices. The ideal candidate has at least 2 years of experience building and scaling production services and can architect software systems to meet security, privacy, usability, scalability, and cost requirements.

We believe that the way people interact with their finances will drastically improve in the next few years. We’re dedicated to empowering this transformation by building the tools and experiences that thousands of developers use to create their own products. Plaid powers the tools millions of people rely on to live a healthier financial life. We work with thousands of companies like Venmo, SoFi, several of the Fortune 500, and many of the largest banks to make it easy for people to connect their financial accounts to the apps and services they want to use. Plaid’s network covers 12,000 financial institutions across the US, Canada, UK and Europe. Founded in 2013, the company is headquartered in San Francisco with offices in New York, Washington D.C., London and Amsterdam.

The Product Security team is responsible for the processes, policies, controls, and engineering systems that secure Plaid’s developer- and consumer-facing products. The team focuses on areas including application security, vulnerability management, secure development lifecycle, penetration testing, and cloud security. Beyond setting standards, the team builds the services, components, and workflows that protect Plaid’s products at scale. By moving security “left,” Product Security makes the secure path the easiest path for engineers across the company.

Plaid is looking for a Product Security Engineer who is fundamentally a builder. Unlike traditional product security roles, this position is designed for a software engineer who wants to solve security challenges at scale by developing production-grade services, libraries, and frameworks. In this role, you’ll build and maintain Plaid’s vulnerability management orchestration service, automate workflows to reduce operational toil, and create solutions that eliminate entire classes of vulnerabilities. You’ll also partner closely with product engineers to ensure services meet security standards, support incident response and security awareness efforts, and collaborate across the security platform organization to deliver the engineering foundations that make secure development the default at Plaid.

Responsibilities

Build the secure engineering foundations that secure the future of digital finance.

Develop maintainable and secure software to enhance Plaid's security posture and create paved roads for developers for easy and default integration of security controls.

Design, develop, and maintain security-critical services and components.

Develop internal tooling to automate vulnerability detection, dependency management, and remediation workflows within the CI/CD pipeline.

Replace manual security gates with engineered solutions that allow product teams to ship faster and more securely.

Communicate effectively with managers and team members regarding project deliverables and progress.

Design and implement technical solutions that align with the evolving needs of the business.

Proactively identify and address security vulnerabilities in products and services.

Actively participate in incident response and security awareness initiatives.

Qualifications

2 + years of professional experience building and scaling production services.

Ability to architect software systems to meet security, privacy, usability, scalability and cost requirements.

While these experience and characteristics are not prerequisites, candidates who possess them would be well-suited for the role:

Experience building systems or services related to vulnerability management, data encryption, key management, secret management, user authentication, service authentication, authorization systems, and security policy enforcement.

Experience designing distributed systems and microservices with a focus on performance and reliability.

Familiarity with modern cloud infrastructure (AWS, Kubernetes, Terraform) and how to integrate security controls into them.

A passion for creating tools and libraries that other engineers love to use.

Passionate about educating others on security and privacy.

Our mission at Plaid is to unlock financial freedom for everyone. To support that mission, we seek to build a diverse team of driven individuals who care deeply about making the financial ecosystem more equitable. We recognize that strong qualifications can come from both prior work experiences and lived experiences. We encourage you to apply to a role even if your experience doesn't fully match the job description. We are always looking for team members that will bring something unique to Plaid!

Plaid is proud to be an equal opportunity employer and values diversity at our company. We do not discriminate based on race, color, national origin, ethnicity, religion or religious belief, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, military or veteran status, disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local laws. Plaid is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance with your application or interviews due to a disability, please let us know at accommodations@plaid.com.

Please review our Candidate Privacy Notice here.

Sample Plaid interview questions

1
Design a language translation platform that works in real-time.
system designmedium
2
Design a system for storing and serving images/videos.
system designmedium
3
Use documentation to query their API and collect some data.
technicalaverage
4
Is this window function performant?
technicaldifficult
5
What is the syntax to make a private variable in JavaScript?
technicalaverage

Ready to apply?

You'll be redirected to Plaid's application page.

Is this role right for you?

Role summary

Sample Plaid interview questions

Similar roles