Senior Application Security Engineer

Sorry, this job was removed at 03:14 p.m. (EST) on Tuesday, Sep 10, 2024
Be an Early Applicant
Remote
3-5 Years Experience
Fintech • Mobile • Software • Financial Services
SoFi’s mission is to help people reach financial independence to realize their ambitions.
The Role

Employee Applicant Privacy Notice
Who we are:
Shape a brighter financial future with us.
Together with our members, we're changing the way people think about and interact with personal finance.
We're a next-generation financial services company and national bank using innovative, mobile-first technology to help our millions of members reach their goals. The industry is going through an unprecedented transformation, and we're at the forefront. We're proud to come to work every day knowing that what we do has a direct impact on people's lives, with our core values guiding us every step of the way. Join us to invest in yourself, your career, and the financial world.
About The role
SoFi Application Security team assists and partners with engineering, product and design organizations. Our mission is to secure the products and services delivered to our members and customers. We deploy best in class Application Security practices, compliance frameworks, and design patterns by collaborating with product owners, engineers, and executives. The mission is core to SoFi's value "Put our member's interest first".
As a Senior Application Security Engineer, you will be responsible for building and implementing security tools and services to support the development of SoFi's platforms, products, and services. You will work in conjunction with Product security engineers, development, and product teams to to bake security controls into software development lifecycle. This role is pivotal to build security with agility and help SoFi scale.
The ideal candidate will be highly collaborative, balancing the right level of security with business objectives, and working to creatively solve complex Application Security related problems in an agile environment.
What you'll do:

  • Conduct application security design reviews to identify potential vulnerabilities and recommend mitigation strategies.
  • Perform comprehensive code reviews to ensure adherence to security best practices and identify security flaws.
  • Develop and implement security services, leveraging coding skills to create robust and scalable solutions.
  • Collaborate with development teams to integrate security into the software development lifecycle.
  • Design security features and controls to protect applications from threats and ensure compliance with security standards.
  • Provide guidance and mentorship to developers on secure coding practices and security architecture.
  • Stay current with the latest security trends, tools, and technologies to proactively address emerging threats.
  • Contribute to the continuous improvement of security processes and practices within the organization.


What you'll need:

  • At least 3-5 years of experience in Python, Java or Golang, emphasizing writing clean, maintainable, and secure code.
  • Deep understanding of security fundamentals, including the OWASP Top 10 and best practices for application security.
  • Demonstrated understanding on CI/CD pipeline security best practices.
  • Knowledge of network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) and their security implications.
  • Understanding of the Application Layer of the OSI model and its security considerations.
  • Experience with securing mobile applications, understanding of mobile security best practices, and knowledge of platform-specific security features.
  • Strong understanding of API security, including best practices for securing RESTful and GraphQL APIs.
  • Ability to effectively prioritize and manage multiple work streams, ensuring timely and accurate delivery of security solutions.
  • Strong written and verbal communication skills for articulating complex security concepts and solutions to technical and non-technical stakeholders alike.
  • Strong understanding of data security principles and cryptography.


Preferred Qualifications:

  • Bachelor's degree in computer science or equivalent from a fully accredited college or university
  • 4+ years' experience in Application security engineering
  • Experience with cloud-native products and an in-depth understanding of microservice topologies and implementations
  • 4+ years of experience with programming in Golang or Python
  • Knowledge of CI/CD, application development, and testing tools
  • Ability to work in a fast-paced and Agile development environment
  • Work and play well with others; SoFi is a collaborative environment
  • Experience implementing data security solutions such as encryption, masking or tokenization


Nice to have:

  • Open-source projects and/or contributions to open-source community
  • AWS Certified Security / Solution Architect
  • Master's or PhD in Computer Science or Engineering
  • Financial services experience


Compensation and Benefits
The base pay range for this role is listed below. Final base pay offer will be determined based on individual factors such as the candidate's experience, skills, and location.
To view all of our comprehensive and competitive benefits, visit our Benefits at SoFi page!
SoFi provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion (including religious dress and grooming practices), sex (including pregnancy, childbirth and related medical conditions, breastfeeding, and conditions related to breastfeeding), gender, gender identity, gender expression, national origin, ancestry, age (40 or over), physical or medical disability, medical condition, marital status, registered domestic partner status, sexual orientation, genetic information, military and/or veteran status, or any other basis prohibited by applicable state or federal law.
The Company hires the best qualified candidate for the job, without regard to protected characteristics.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
New York applicants: Notice of Employee Rights
SoFi is committed to embracing diversity. As part of this commitment, SoFi offers reasonable accommodations to candidates with physical or mental disabilities. If you need accommodations to participate in the job application or interview process, please let your recruiter know or email [email protected].
Due to insurance coverage issues, we are unable to accommodate remote work from Hawaii or Alaska at this time.
Internal Employees
If you are a current employee, do not apply here - please navigate to our Internal Job Board in Greenhouse to apply to our open roles.

What the Team is Saying

Kari
Niyati
Mike
Suban
Caroline
Wells
Mona
Donald
Chloe
Ishani
Kari
The Company
New York, NY
4,800 Employees
Hybrid Workplace
Year Founded: 2011

What We Do

For nearly a decade, SoFi has helped transform the Fintech industry by creating financial products and services that help people borrow, save, spend, invest, and protect their money better, so they can achieve financial independence and realize their ambitions. Whether it’s owning a home, saving for retirement, paying off their student loans, or helping our members invest - SoFi is there every step of the way. Want to learn more about how it works? Check it out here: https://www.sofi.com/how-it-works/

Our core values are at the center of how we help our 2+ million members get their money right. They are our guiding principles for how we think about serving our members, building our company, and most importantly, how we work together. At SoFi, it’s not just what we do - but how we do it.

SoFi is also proud to be the naming rights partner of SoFi Stadium, home of the Los Angeles Chargers and the Los Angeles Rams.

For more information, visit SoFi.com

Why Work With Us

Together with our members, we’re changing the way people think about and interact with personal finance. We’re a next-generation Fintech company using innovative, mobile-first technology to help our 2+ million members reach their goals. The industry is going through an unprecedented transformation, and we’re at the forefront.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery

SoFi Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

You can work from anywhere! We take a flexible approach to the workplace, allowing employees to choose to be remote, hybrid, or in-office full time.

Typical time on-site: Flexible
New York, NY

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account