Senior Product Security Engineer
Posted on 4/10/2023
Development Operations (DevOps)
- Demonstrate deep understanding of Docker, Image Security, Kubernetes, and CI/CD pipelines
- Good understanding of cloud services, AWS, and Well Architected Framework security pillar
- Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Proficiency with programming languages, automation tooling and API integrations
- Service Mesh/Istio, microsegmentation, and network security
- Ability to prioritize between and execute on multiple work streams
- Written and verbal skills for communicating security concepts and solutions
- Secure software development lifecycle / “Shift Left”
- Deploy product security tools like SAST, DAST, IAST, SCA, etc to help uncover security issues early on in the software development lifecycle
- Build secure integrations with various internal and external tools to create agile software security solutions
- Keep security tools and deployments up to date. Ensure regular patching and upgrades and smooth running of tools
- Help in reviewing development lifecycle integration with security tools and triage / debug any integration issues
- Manage cloud security solutions to ensure SoFi's infrastructure is secure
- Participate in proof of concept to evaluate security solutions and services to help strengthen SoFi's products against advanced Cybersecurity attacks
- Work closely with security operations and application security engineers to review security gaps and come up with mitigation strategies
- Help with automation to support compliance with various regulatory and industry standards requirements
- Bachelor's degree in Computer Science or equivalent from a fully-accredited college or university
- 4+ years experience in DevOps and Infrastructure security engineering
- Experience with cloud native products and in-depth understanding of microservice topologies and implementations
- 4+ years of experience with cloud technologies
- Ability to manage relationships with other business units, external vendors and stakeholders when IT security risks are present and system or process changes must be made to mitigate risk
- Familiarity with AWS and at-scale services
- Knowledge of CI/CD, application development and testing tools
- Ability to work in a fast paced and Agile development environment
- Work and play well with others; SoFi is a collaborative environment
- AWS Certified Security / Solution Architect
- Masters or PhD in Computer Science or Engineering
- Financial services experience
Lender and financial services provider
SoFi’s mission is to help people reach financial independence to realize their ambitions.
- You’re taken care of. SoFi employees receive comprehensive health, vision, dental, life insurance, and disability benefits—as well as flexible time off, fitness, fertility, and family planning options.
- Realize your ambitions. We want to help our employees achieve financial freedom, just like our members. That’s why we contribute $200 per month toward your student loans to help pay down your debt—plus free financial classes.
- Never stop learning. We offer frequent training, mentorship opportunities, and leadership programs to develop our people. We also cover tuition costs for approved programs, up to $5,250 per year.
Company Core Values
- Put our members’ interests first.
- Run after problems.
- Embrace diversity. Everyone should feel welcome, included and able to contribute.
- Get to the truth and make principle-based decisions.
- Make your footprint bigger than your foot.
- Do the right thing. If you’re not sure, do the harder thing.
- Set ambitious goals, be gritty, be accountable.
- Take care of other people and help them grow.
- Iterate, learn, innovate.
- Be SoFi missionaries.
- …and don’t forget to smile.