Principal Security Engineer, Product & AI

About the Role

The day-to-day responsibilities of this role will include threat modeling, secure coding practices, and security architecture review. The Principal Security Engineer will also be responsible for building and maintaining relationships with key stakeholders, including product managers, engineers, and other security teams. This role requires strong technical leadership, excellent communication skills, and the ability to drive security innovation in a rapidly evolving landscape.

Marqeta's security team is committed to delivering a robust and secure payment platform that meets the highest standards of security and compliance. The Principal Security Engineer will play a key role in achieving this goal, working closely with cross-functional teams to identify and mitigate security risks.

What You Will Do

• Lead product security engineering for Marqeta's payment platform, including threat modeling, security architecture review, and secure SDLC practices
• Develop and mature Marqeta's AI security program, including building genAI controls, securing ML pipelines, and working alongside the Model Risk Office for model evaluations
• Provide security architecture oversight across infrastructure and enterprise security, including endpoint protection, network security, VPN, and corporate security controls
• Conduct security assessments of AI/ML model architectures, training pipelines, inference endpoints, and deployment infrastructure
• Define and maintain secure development lifecycle practices, including secure code review standards, API security patterns, and authentication/authorization frameworks
• Develop self-service security tooling and developer-facing guardrails that reduce friction while maintaining security posture
• Partner closely with Product Security, Infrastructure Security, and Security Operations teams to ensure cohesive security standards across all domains
• Shape how security engineering scales across the organization through tooling, frameworks, security champions engagement, and engineering partnerships
• Provide technical oversight for infrastructure security, including endpoint protection, network security, VPN, and enterprise security controls
• Ensure coherent security architecture standards across product, cloud infrastructure, and corporate environments

What We Are Looking For

• 10+ years of experience in security engineering, with a focus on product security, AI security, and security architecture
• Strong technical leadership skills, with the ability to drive security innovation and collaborate with cross-functional teams
• Deep expertise in security architecture, threat modeling, and AI security
• Experience with secure coding practices, including secure code review standards and API security patterns
• Strong understanding of cloud security, including AWS or Azure
• Experience with security tooling, including security information and event management (SIEM) systems
• Excellent communication skills, with the ability to communicate complex security concepts to non-technical stakeholders
• Strong analytical and problem-solving skills, with the ability to identify and mitigate security risks

Nice to Have

• Experience with genAI controls, including prompt injection prevention and output filtering
• Knowledge of ML pipelines and model training infrastructure
• Experience with security orchestration, automation, and response (SOAR) tools
• Certification in security, such as CISSP or CISM

Benefits and Perks

• Competitive salary and equity package
• Comprehensive health, dental, and vision insurance
• 401(k) matching program
• Flexible work arrangements, including remote work options
• Professional development opportunities, including training and conference sponsorships
• Access to cutting-edge security tools and technologies
• Collaborative and dynamic work environment
• Recognition and reward programs for outstanding performance

• Ensure your resume and online profiles highlight your technical expertise in security engineering, AI security, and security architecture.
• Develop a strong understanding of Marqeta's payment platform and AI initiatives, and be prepared to discuss how your skills and experience align with the company's security goals.
• Be prepared to provide specific examples of your experience with threat modeling, secure coding practices, and security architecture review.
• Show a willingness to learn and adapt to new technologies and security threats, and be prepared to discuss your approach to staying current in the field.
• Highlight your ability to communicate complex security concepts to non-technical stakeholders, and be prepared to provide examples of your experience working with cross-functional teams.
• Research Marqeta's company culture and values, and be prepared to discuss how your own values and approach to security align with the company's mission.