Sr. Product Security Engineering Lead (Remote Friendly)

Apply for this position Please mention DailyRemote when applying
Posted 11 hours ago United States Salary undisclosed
Before you apply - make sure the job is legit.

Attempting to apply for jobs might take you off this site to a different website not owned by us. Any consequence as a result for attempting to apply for jobs is strictly at your own risk and we assume no liability.

Job Description

Mission Lane LLC is a fintech on a mission (no pun intended) to increase access to financial tools that help people thrive. We are raising the bar on fair credit access, easy money management, and convenient income discovery. Our philosophy is simple: when our customers do well, we do well. And we have only just begun.

As a representative of the Information Security team, you will work closely with Product and Engineering teams to ensure the products they are designing and building are secure and align with Mission Lane Information Security policies and patterns, and industry best practices.

The day-to-day functions of the Product Security Engineering Manager can look like the following:
  • Create the framework for the Product Security team in how they work and interact with product and engineering teams
  • Provide leadership for other Security Product roles, including interviewing, training, developing internal resources to ensure each individual is set up for success
  • Manage the other Product Security team members and provide support as needed
  • Develop partnerships across multiple lines of business to understand product roadmaps and engineering plans to ensure technical security integration and architecture requirements are included in the product you support
  • Facilitate planning and coordination with Information Security team and business stakeholders to ensure technical security integration and architecture requirements are implemented and deliverables provide desired cyber risk managed outcome
  • Act as a domain expert who assists Product and Engineering with the improvement of security
  • Assess residual risk of vulnerabilities and security weaknesses based on technical security knowledge and environmental factors specific to the product you support
  • Identify security weaknesses in the product you support as it relates to policies, patterns and industry best practices, and work collaboratively to develop remediation plans
  • Must have the ability to right size remediation plans for security weaknesses to the environment and product you support
  • Create automation (OPAs, organization level policies) to prevent issues / weaknesses from occurring
  • Remediate some security vulnerabilities specific to the product you support
  • Work with Product and Engineering to drive the adoption of core security services (Identity, Key Management, Detection and Response, Vulnerability Management, etc.) specific to the product you support
  • Take learnings from the product you support to be able to create and document company wide policies and patterns for security integrations and architecture
  • Interpret and implement information security policies and standards specific to the product you support
  • Communicate security and compliance requirements to product and engineering partners specific to the product you support
  • Provide business and technical advice on a wide variety of IT risk issues, concerns, and problems, making sure all business processes incorporate adequate information security
  • Be a technical leader in periodic systems and applications risk assessments, including those associated with the development of new or significantly changed applications
  • Monitor current and proposed laws, regulations, industry standards related to IT risk, privacy, and information security
To be set up for success from day one, a qualified candidate will have the following experience:
  • 8+ years experience working in a security engineering / architecture role
  • Experience working in Cloud environments (AWS and / or GCP and kubernetes)
  • Cloud Security related certifications (such as AWS Certified Security Specialist or GCP Professional Security Engineer)
  • Understanding of concepts for designing and maintaining a secure cloud environment
  • Understanding of legal / regulatory requirements and frameworks such as PCI-DSS, NIST CSF, NIST 800-53, ISO, etc.
  • Successfully executed in an agile environment and knowledge of CI/CD processes
  • Demonstrated experience working with development / engineering teams to identify and remediate vulnerabilities
  • Experience applying OWASP top 10 and other security risk tools
  • Proficiency in status and dynamic code vulnerability scanning tools (Sonarqube, Fortify, etc.)
  • An organized and attention-to-detail approach (strong tactical execution), effective problem-solving skills, and the ability to make
  • sound decisions in a self-directed and fast-paced environment
  • Excellent communication skills (written, verbal, presentation, and interpersonal)
More About Mission Lane

Mission Lane is based in the U.S., with offices in Richmond, Virginia & San Francisco, California. Founded in December 2018, we've rapidly grown to over 1 million customers.

It all started with a realization: nearly fifty percent of the adult population in the U.S. doesn't have access to a clear line of credit. And by "clear" we mean credit without crazy fees that only increase debt. Most traditional credit card companies either overlook or overcharge this group because they have less-than-prime credit scores or no score at all. We decided this just wouldn't do.

We understand that everyone doesn't have the same opportunities. We also know that everyone joins us at different stages of their financial journeys. Providing access to clear credit was a critical first step, but our work isn't done. We are actively developing new products designed to meet our customers where they are, according to their needs.

We get it - life happens. That's why Mission Lane is hard at work paving a better way forward.

Just like for our customers, Mission Lane creates opportunities for our employees to learn, grow, and prosper. We strive to create an environment that brings out the best in everyone, everyday.
  • Mission Lane is an Equal Opportunity Employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex, race, color, age, national origin, religion, physical and mental disability, genetic information, marital status, sexual orientation, gender identity/assignment, citizenship, pregnancy or maternity, protected veteran status, or any other status prohibited by applicable national, federal, state or local law.

    Mission Lane is not currently sponsoring new applicant employment authorization for this position. And please, no third party recruiters.