Listing Description

Position Summary

Marqeta’s Product Security Engineering is growing. Our aim is to set new industry standards in the Global Payments space. Come join us to support the next wave of forward thinking solutions in the world's first modern card issuing platform. 

Marqeta’s Product Security team seeks engineers who specialize in Product Security or those with a strong interest in applying their domain knowledge within a Product Security scope. For this role, we are looking for qualified candidates with domain expertise in core Software Engineering in Java, Golang and/or Python who will enhance our Product organization's capacity to deliver secure products and services.

As a Software Engineer in Product Security, you are responsible for implementing Secure by Design / Secure by Default initiatives. Your focus: Developing internal libraries and services that make secure patterns accessible to teams of Engineers. From packaged crypto and tokenization libraries to customer-facing SDKs, you will build software integrations that serve as the guardrails - enabling everyday engineers at Marqeta to take advantage of modern security primitives. Your work will also extend to backend APIs that streamline data privacy practices and secure sensitive transaction data.

You are passionate about Authentication, Crypto, Tokenization, and API Security implementations - including but not limited to Message and Field Level Encryption, TLS and PKI, Request Signing, OAuth, OIDC, SAML, and various methods for implementing end-to-end security in both PDLC and SDLC.

This role also supports training and security awareness initiatives, emphasizing healthy partnerships with Engineering leadership. The right candidate for this role is excited to grow a skillset applying modern App/Prod Sec standards into tangible libraries and services, or has the background and hands-on experience to do so out of the gate - and enjoys training their fellow engineers!

Why are we so excited about this new role? Because security is central to our mission to be the global standard for modern card issuing and processing, empowering builders to bring the most innovative products to the world!

We are passionate about creating a culture of belonging and inclusion - this includes welcoming a variety of backgrounds, levels, and career stages. Product Security is a diverse team with engineers from many different walks of life. The requirements listed in our Prod Security Eng job descriptions are guidelines, not hard and fast rules. If this job intrigues you, but you think you might not meet all of the qualifications, please apply regardless. We will seek to connect with candidates who we believe have a strong potential to serve and operate within our team.

Work alongside a strong and strategically expanding security team and enjoy opportunities to apply your knowledge in new ways.

Product Security Engineering at Marqeta is a remote-first team headquartered in Oakland, California.

What you'll do

• Design and implement scalable Java-based/Golang-based services and libraries


• Develop Security-centric SDKs and APIs


• Redesign and Implement Crypto Primitives


• Support Secure Product Design and Development


• Champion Product Security across Marqeta’s Engineering Org


• Track and Manage metrics for Prod Security tool adoption


• Target Secure by Design and similar “Shift-Left” initiatives in support of Marqeta’s Product Engineers
  
  

What we're looking for

• Hands-on development in Java, GoLang, Python or NodeJS


• Experience building reliable, scaleable software - preferably with SaaS systems


• Experience with Containerized services and AWS-based service integrations


• Knowledge of AWS Fundamentals 


• Strong problem-solving for Developer Use Cases


• Willingness to dig into Product Design and User Story generation for Application-centric and API centric Security Products


• Experience with Software Engineering Development Workflows, including flavors of CICD


• Experience with Jenkins, Drone, Helm or similar CICD toolchains


• Experience with K8s or other container orchestration platforms


• Ability to map a path forward and drive a project to completion


• Experience in developing close partnerships with Product Engineers


• Solid grasp of full-stack Engineering: front-end/backend, API and service architecture design, web infrastructure, and distributed systems


• Pro-Social Behavior


• Excellent communication and collaboration skills


• Employ strong collaboration patterns and enjoy creating positive cross-team dynamics


• Understand ownership and support positive outcomes


• Remain constructive under pressure, with a flexible working style

Nice to have

• Experience deploying Golang and Java services at scale


• Knowledge of Identity and Access Management best practices and protocols, such as OAuth, OpenID Connect, SAML, MFA, and SCIM


• Firm understanding of OWASP Top 10, Application Security tooling, and Content Security Policies


• Experience in Payments or Financial Services