Software Engineer - Product Security

About the Role

Plaid's Product Security Team is dedicated to improving customer trust by assuring secure development and delivery of products and services, minimizing risk to the ecosystem, and preventing security incidents. The team is focused on areas like Application Security, Vulnerability Management, Secure Development Lifecycle, Penetration Testing, and Cloud Security.

As an experienced product security engineer, you will be a trusted advisor, collaborating closely with engineering and product teams to ensure security is a cornerstone of every product. You will partner with leadership to shape product strategy, advocate for strong security controls, and influence future product iterations.

What You Will Do

• Collaborate with engineering and product teams to integrate security into the product lifecycle
• Conduct Threat Modeling and Risk Assessments to identify, assess, and prioritize security risks
• Perform rigorous security testing and reviews for new features being built in the assigned area
• Lead incident response efforts, investigate root causes, and implement corrective actions
• Foster a Security-Conscious Culture by educating and empowering engineering and product teams
• Develop and maintain security documentation and guidelines
• Participate in code reviews to ensure secure coding practices
• Collaborate with external teams, such as compliance and audit, to ensure security requirements are met
• Stay up-to-date with industry trends and emerging threats, applying this knowledge to improve Plaid's security posture

What We Are Looking For

• 2+ years of proven experience in product and application security concepts, including API, web, and mobile app security
• Ability to communicate complex security concepts to technical and non-technical audiences, including senior leadership
• Expertise in conducting comprehensive threat modeling
• Strong understanding of security best practices and industry trends
• Experience with secure development lifecycle and secure coding practices
• Knowledge of cloud security and compliance frameworks
• Strong analytical and problem-solving skills
• Ability to work in a fast-paced environment and prioritize multiple tasks
• Experience with security testing and review tools

Nice to Have

• Experience with DevOps and CI/CD pipelines
• Knowledge of machine learning and artificial intelligence security
• Experience with containerization and orchestration tools
• Certification in security, such as CISSP or CISM

Benefits and Perks

• Competitive salary and equity package
• Comprehensive health, dental, and vision insurance
• 401(k) matching program
• Flexible PTO policy
• Remote work stipend
• Professional development opportunities
• Access to cutting-edge technology and tools
• Collaborative and dynamic work environment
• Recognition and reward programs

• To stand out in this role, highlight your experience with threat modeling, penetration testing, and security assessments.
• Be prepared to discuss your approach to security testing and review, and how you stay up-to-date with industry trends and emerging threats.
• Familiarize yourself with Plaid's products and services, and be ready to discuss how you can contribute to the company's security posture.
• Showcase your ability to communicate complex security concepts to technical and non-technical audiences.
• Consider creating a portfolio that demonstrates your security engineering skills, including any relevant certifications or training.
• During salary negotiations, be prepared to discuss your expectations and how they align with industry standards.