Cloud Security Engineer - One

Date Posted: Feb 19, 2023

Job Detail

  • Location:
    San Francisco, California, United States of America
  • Company:
  • Type:
    Full Time/Permanent
  • Positions:
  • Experience:
  • Degree:
  • Remote:
    Yes / No
  • Salary:
    Monthly: 1000 USD - 2000 USD

Job Description

About ONE

ONE is on a mission to help people live healthier financial lives. We’re doing this by creating simple solutions to help our customers save, spend, and grow their money – all in one place. 

The U.S. consumer today deserves better. Millions of Americans today can’t access credit, build savings or wealth, and are left to manage their financial lives through multiple disconnected apps. Almost a quarter of U.S. adults are unbanked or underbanked and roughly 80% of fintech users rely on multiple accounts to manage their finances. 

What makes us unique? We are backed by a preeminent fintech investor (Ribbit) and the world’s largest retailer (Walmart), maintain the speed and independence of a startup, and employ a strong (and growing) collection of world-class talent. 

There’s never been a better moment to build a business that helps people live healthier financial lives. Come build with us!

The role

As a Cloud Security Engineer, you'll be responsible for ensuring that ONE delivers secure and reliable distributed systems at scale. By engineering our cloud services, application platforms, and network edge, you’ll directly contribute to the security of ONE’s products. You’ll provide subject-matter expertise to product teams around security best practices and optimizations, design and enforce secure implementations of cloud services and application platforms, and implement zero trust principles throughout our service. Additionally, you will act as a key member of ONE’s security team, advocating for security throughout the development and support lifecycles.

This role is responsible for:

  • Ensuring Secure SDLC practices are enforced via Infrastructure-As-Code (IaC) policies and developing other security tooling to ensure cloud security best practices

  • Analyzing, designing, and improving security controls for SaaS applications, cloud environments, and application platforms to mature the systems security posture

  • Assisting product teams with identifying misuse cases for features

  • Providing expertise around platform and cloud service security concerns during product development

  • Evaluating signals and threat intelligence to identify patterns, threats, and vulnerabilities across a wide range of SaaS and self-hosted systems

  • Implementing runtime security measures for container environments

  • Ensuring relevant audit and security logs are collected to a central location and exposed to the correct teams for triage, analysis, and incident response

  • Partnering with Engineering teams to develop remediations for vulnerabilities

  • Working with security and engineering teams to maintain a security architecture that provides security controls throughout all platforms to mitigate risk and meet business goals and regulatory requirements

  • Building a cloud security detection and response program leveraging automation

  • Training engineers and architects on secure platform design and operational practices

  • Actively participating in all facets of the incident response lifecycle

  • Building ONE’s purple team practices

You bring

  • 5+ years of security engineering, platform engineering, or DevSecOps experience and an engineering mindset for building reliable and maintainable security infrastructure to support a large organization with CI/CD software engineering practices

  • Experience with most of the following: AWS security tools (GuardDuty, AWS Config, Cloudtrail), Terraform, Kubernetes, Containers, Open Policy Agent, Hashicorp Vault, SIEM

  • Excellent knowledge of the CVSS, MITRE ATTA&CK, and OWASP Top 10

  • Excellent practical understanding of AWS and its core services (VPC, EC2, RDS)

  • In-depth knowledge of security threats, applied cryptography, and risk assessments

  • Understanding of regulatory compliance concerns (GLBA, CCPA, PCI)

  • Proficiency in at least one of the following languages: Rust, Go, TypeScript, Ruby, or Python

  • Proficiency in modern security evaluation tooling (Burp, Wireshark, Kali et al.)

  • CCSK or CCSP (preferred)

  • The Triple H Factor: Hungry, Humble, Honest

  • An act-like-an-owner mentality. We have a bias toward taking action

Pay Transparency

The estimated annual base salary for this position ranges from $170,000 to $190,000.   Pay is generally based upon the level, complexity, responsibility, and job duties/requirements of the specific position. We then source candidates with the requisite skills, expertise, education, training, and experience.  If you are selected for an interview, please feel welcome to speak to a Talent Partner about our compensation philosophy and other available benefits.

Leveling Philosophy

In order to thoughtfully scale the company and avoid downstream inequities, we’ve adopted a flat titling structure at ONE. Though we may occasionally post a role externally with a prefix such as “Senior” to reflect the external level of the position, we do not use prefixes in titles like that internally unless in a position which manages a team. Internal titles typically include your specific functional responsibility, such as engineering, product management or sales, and often include additional descriptors to ensure clarity of role and placement within our organization (i.e. “Engineer, Platform”, “Sales, Business Development” or “Manager, Talent”). Employees are paid commensurate with their experience and the internal level within ONE.

What it's like working @ ONE

Our teams collaborate remotely and in our work spaces in New York and Sacramento.

  • Competitive cash - we don’t discount based on location

  • Benefits effective on day one 

  • Early access to a high potential, high growth fintech

  • Generous stock option packages in an early-stage startup

  • Remote friendly (anywhere in the US) and office friendly - you pick the schedule

  • Flexible time off programs - vacation, sick, paid parental leave, and paid caregiver leave

  • 401(k) plan with match

Inclusion & Belonging

To build technology and products that are used and loved by people and solve real-world problems, we need to build a team with many different perspectives and experiences. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We encourage candidates from all backgrounds to apply. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us. Email with any questions.


Skills Required

Related Jobs

Google Map