Senior Security Engineer
Earnest empowers people with the financial capital they need to live better lives.
We're an accomplished team of technology, finance, and design geeks who believe consumer lending can be radically improved and are doing something about it. We are disrupting the trillion dollar student loan industry by redefining what it means to be creditworthy. We created a company that combines data science, streamlined design, and technology to:
- Build products that simplify the lending process
- Personalize loans to suit the needs of our customers
- Engage with our customers through more human experiences
- Our culture is one that values transparency and blameless problem solving. Earnest has a strong track record of employee growth and career progression. Earnies are empathetic, product-focused, proactive, and curious.
You will be a part of the Earnest team accountable for information security, compliance, and trust and safety. As a senior member of the team that oversees technology controls at the platform and operational level, you will be involved in multiple work streams, each employing a diverse set of technology solutions and operational processes.
As the Senior Security Engineer, you will report to the Head of Security, and you will:
- Lead the selection, design, and implementation of platform and operational level controls
- Design/architect security solutions for Earnest’s technology platforms
- Interface with Earnest team members, both within and outside of engineering to determine business and technology needs/requirements
- Assist with developing and growing the security and compliance program
- Represent the Earnest security team in front of the organization and the Executive team
Ideal background and expertise
- 5+ years of software development experience with either functional or imperative languages
- Understanding of AWS and commonly used AWS services
- Ability to perform security-focused code reviews
- Comfortable with typical threat hunting/incident response processes.
Nice to have
- Understand cryptography and key management
- Hands-on experience with threat modeling
- Worked in environment subject to SOX compliance
- Knowledge of triaging vulnerabilities and determining appropriate mitigation and resolution options.
- Experience with external pen tests or bug bounty platforms
- Proficient in NodeJS, Python, or Go
- Experience with infrastructure automation tools such as Terraform and Ansible
Earnest Perks & Benefits
- Health, Dental, & Vision benefits plus savings plans
- Employee Stock Purchase Plan
- 401(k) plan to help you save for retirement plus a company match
- Tuition reimbursement program
- $1000 flight on each Earnie-versary to anywhere in the world and 25 days of annual PTO
- Great culture with an awesome team