Company

Open Positions

Be a part of the modern card issuing revolution

Security Engineering
Oakland, California
Marqeta on the Forbes Fintech 50

Security Engineer

Named as a Forbes Fintech 50 in 2019, Marqeta powers modern payment solutions for companies innovating new services and process flows in a digital world. Our platform, open API, and advanced analytics provide unprecedented control for companies to issue cards, authorize transactions and manage payment operations in real-time.

We are a team of industry experts and technology innovators who take a dynamic approach to solving challenging problems. We power possibilities for our customers by bringing the best talent together in an open and collaborative work environment that rewards creativity and perseverance.

Marqeta is proud of its Oakland roots and strives to build a global team as diverse as the markets we serve, staying true to our values to Connect the Customer, Find a Way, Make Simple, Take Risk and Build One Marqeta. We are not expecting any single candidate to meet all job requirements listed below, so please apply. It’s an exciting time to join Marqeta. As we grow, your career and opportunities will grow as well.

Position Summary

Marqeta is growing a Security Engineering Team with the goal of significantly improving industry standards in Secure Platform and Secure Service Delivery in the Payments space.

As a member of Marqeta’s Security Engineering Team, you’re responsible for design, development and implementation of our core platform, infrastructure and enterprise security services and controls. Your work protects our most critical environments, as well as meets or exceeds the various regulatory compliance standards required in the Payments Industry.

This multifunctional role broadly interfaces with Marqeta’s Platform Engineering, SRE, Network Engineering and Enterprise IT teams, and is vital to Marqeta’s Product and Enterprise Security Program.

The [Principal/Lead/Sr] Security Engineer role supports build and deployment operations and produces reference implementations for secure services and architectures. You’ll develop new strategies for identity and access management (IAM) frameworks, assist Platform and Infrastructure Engineering with coherent processes around change control, in addition to defining secure development and deployment standards. You’ll verify and validate internal DevOps practices, toolsets and artifacts. Additionally, you’ll support the vetting, deployment and design of Enterprise Security tooling.

The ideal candidate for this role has a strong desire to lead the organization in well-considered Security Engineering methodologies, is seasoned in either AWS or GCP cloud-based services, has a strong passion for Rugged DevOps driven patterns, and an excellent ability to communicate across roles, teams and disciplines. You enjoy platform engineering work, systems integration and automation, and you’re passionate about implementing new security patterns and services.

Marqeta is remote work positive and this role is offered in the scope of a distributed remote team. 

Primary Responsibilities

  • Build and deploy self-service tools for Infrastructure, IT, Platform, and SRE Engineers
  • Maintain Security Controls in Platform, Enterprise and Infrastructure Services
  • Implement and Support End-to-End Transport Security and Proxy Layer Services
  • Lead Infrastructure and Platform Design Reviews
  • Implement and Maintain Security Patterns in Pre-Release and Post-Release Deployment
  • Triage, Respond to and Investigate Security Incidents affecting Platform and Infra Services
  • Implement and Maintain Platform and Infrastructure Threat Monitoring and Detection Tools
  • Manage and Deploy Services for Security Team
  • Mentor Marqeta App Sec, Infra, IT, Platform and SRE Engineers
  • Support Quarterly PCI Efforts

Requirements

  • 5+ yrs Demonstrable and Practical Experience in Systems and Infrastructure Engineering or Comparable Experience in a DevOps Role
  • 5+ years working for an Enterprise SaaS-based organization
  • 2+ yrs experience working within a Security Operations role
  • Familiar with concepts related to MFA, systems integration, webhooks, SCIM 2.0, "zero-trust", along with the various means of systems access (cURL, API, browser, systems-level) from an authentication perspective
  • Expert level proficiency with various means of federated access, and how to select the right frictionless authentication method of a given problem
  • You pride yourself in a holistic approach to your work
  • You have a sincere passion for Security Engineering and Operations as a discipline
  • You’re an excellent communicator
  • You employ strong collaboration patterns and enjoy creating positive team dynamics
  • You know how to own and support positive outcomes
  • You remain constructive under pressure, with a flexible working style
  • You have solid experience and consistency with remote work and engaging distributed teams
  • Demonstrated experience in several of the following disciplines: incident response, detection tooling, vulnerability management, security operations, cloud security, infrastructure security, network security, security tools development
  • Experience selecting and implementing tools for SIEM, IDS and vulnerability scanning
  • Experience with automating new and existing processes and tools
  • Experience with AWS, Java, Python, Ruby, and other modern open source languages and tools

Technical Skills

  • Functional development experience and proficiency in Python, Go or Ruby
  • Functional Experience with Ansible, Terraform and Packer
  • Experience with AWS Architecture and Service Deployment
  • Experience with IAM services and tools. Okta experience a plus
  • Experience with Container Technology (Docker, ECS, Kubernetes/K8s) and their respective security tools
  • Familiarity with Java and JVM based Application Stacks (e.g. Tomcat)
  • Strong Knowledge of TLS-based Service Architectures
  • Strong Experience with Linux Platforms (CentOS/Ubuntu/Debian/etc)
  • Experience with Secure Deployment Specification
  • Experience with Production Build Pipelines and CI/CD stacks (Ex. Jenkins, Nexus, Drone CI)
  • Strong Interest in Automation Practices

Bonus Points

  • Experience in Payments or Financial Services
  • Firm understanding of OWASP Top 10, Application Security tooling, Content Security Policies, and RASP/WAF a plus
  • Experience with Remote Work

Perks 

  • Rich suite of benefit plans; employee premiums paid 100%
  • Generous Paid Time Off
  • Full paid Parental Leave
  • Pet insurance
  • 401k plan with a Company match
  • Competitive pay
  • Meaningful equity
  • Bi-annual “Hack Week” to support and reward innovation
  • Monthly commuter and parking subsidy
  • Open, transparent culture that includes All Hands meetings, Lunch-and-Learns, all-company offsites, etc.
  • Access to corporate gym membership rates, other discounts and employee perks
  • Fully stocked kitchen, catered lunches twice a week, breakfast on Fridays and more!

We are committed to an inclusive and diverse workplace. Marqeta is an equal opportunity employer. We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran status, genetic information, marital status or any other legally protected status.