Remote JobsRemote CompanyBlog
Sign In
Sign Up
Back to all jobs

Staff Security Engineer - DevSecOps

Remote, USA
$121,000 - $203,000
Software Development
DevSecOps
Security
Cloud
Software Development
Python

Marqeta is on a mission to change the way money moves. We’re one of the earliest enablers of embedded finance, a market opportunity sized up in the trillions. Our card issuing platform provides unprecedented flexibility and control for companies to issue cards, authorize transactions, and manage payment operations in real time.   Marqeta is powering the most well known brands in the new economy (Block, Cash App, Affirm, Instacart, Doordash, Uber, Walmart, etc). Today nearly 8 out of 10 Americans use a product powered by Marqeta every week. This is the opportunity of a lifetime to work with innovators around the world and unlock equitable financial access for all.

We are looking for a Staff Security Engineer with a passion for Secure SDLC in Cloud environment and deep expertise in DevSecOps. The ideal candidate will be excited about an opportunity to heavily contribute to the design of architectural strategies and engineer solutions to all aspects of Software Development Life Cycle (SDLC). 

We work Flexible First. This role can be performed remotely anywhere within the United States or from our Oakland office. We’d love for you to join us!

What You’ll Do

  • Perform and troubleshoot various application security tools into CI/CD pipeline
  • Perform spot validations to test an issue/fix
  • Perform Design Reviews, Threat Modeling for Marqeta’s products
  • Liaison with Bug Bounty programs, developer teams to track issues, provide remediation guidance and testing of the issues/fix
  • Provide support to all phases of penetration tests and red team activities, including Scoping, Planning, Communications, and Execution of key activities (Reconnaissance, Vulnerability identification, Exploitation, and Reporting)
  • Engagement with Core Engineering leads to ensure timely risk remediation
  • Work closely with development teams to ensure that security and infrastructure requirements are included in the design and implementation of applications
  • Take a role in the definition of relevant product security architecture strategies, roadmaps, policies, standards, and procedures
  • Maintain and update relevant solutions and tooling to support new business requirements while ensuring a consistent, compliant, and central service delivery
  • Document operational procedures (such as those for deployments, breakglass plans etc.) as well as current state architecture and configurations
  • Provide subject matter expertise to project teams, and other audiences as needed
  • Provide on-call rotation support to relevant services and tooling

What We’re Looking For

  • You have at least 5+ years of experience as an engineer with a Bachelor’s degree; or 3 years of experience with an advanced degree. Instead of a degree, 8+ years of relevant experience may suffice
  • Industry standard certifications like OSCP/OSCE/CEH, CISSP, CWAD 
  • Experience or knowledge about Payments or Financial Services
  • 5+ years of experience in software security (AppSec)
  • Expert-level knowledge of common web application vulnerabilities (OWASP Top 10) and how to find them 
  • Knowledge in threat modeling methodologies such as STRIDE or PASTA and their applied use in fast-moving, iterative development lifecycles
  • Developer-level proficiency in one or more languages - Python, Java, JavaScript, and Golang preferred
  • Knowledge of cloud native technologies including containers, Kubernetes, and services provided by AWS, GCP, or Azure
  • Experience in working with static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA) security tools and integrating them in GitHub environment
  • Knowledge of OWASP ASVS, SCVS, and related verification standards
  • Demonstrated experience creating positive team and cross-team dynamics
  • Strong analytical and problem-solving skills that enable navigation of complexity, uncertainty, risks and issues
  • Ability to work independently or with a team, under minimum supervision
  • Proven ability to apply technical concepts to solve complex business challenges
  • Ability to network with key stakeholders across multiple teams to influence outcomes through well-articulated thoughts, strong presentation skills, and pragmatic solutions
  • Understand ownership and support positive outcomes
  • Remain constructive under pressure, with a flexible working style

Nice-To-Haves

  • Adversarial work on GenAI and ML
  • Experience with Java, Go, Rust, Python, C, C++, or Ruby
  • Experience with AWS cloud services, containerization technologies such as Kubernetes, and IaaC tooling such as Terraform or Helm
  • Knowledge of automated secure code Reviews

Your Manager

  • Krantikishor Bora - Senior Manager, Product Security

Recruiter For This Role

  • Steve Pestorich - Senior Staff Recruiter

Typical Process

  • Application submission
  • Recruiter phone call
  • Hiring manager video call
  • Virtual “Onsite” consisting of 4-5, 45 min calls
  • Offer!

Compensation and Benefits

Marqeta is a Flex First company which allows you to choose your best working environment, whether that be from home or at a company office. To support Flex First, we calibrate pay to a competitive value according to working location. Compensation is aligned according to three tiers within the United States:

  • National: A baseline tier that applies to most of the geographic territory of the United States.
  • Premium: Slightly elevated from the National tier, and oriented toward a narrower set of higher cost-of-living areas, such as Los Angeles CA and Seattle WA
  • Premium Plus: A tier for the most expensive working areas, like the San Francisco Bay area and New York City.

Visit this page or consult with a Recruiter to determine which tier would be applicable to you.

When determining salaries, we consider several factors including, but not limited to, skills, prior experience, and work location. The new-hire base salary range for this position is:

  • National:  $121,000 - $162,000
  • Premium: $137,000 - $183,000
  • Premium Plus: $152,000 - $203,000

We also believe in recognizing the contributions of our people. That's why we award annual bonuses to eligible employees, rewarding both individual performance and the success of the entire company.

Along with monetary compensation, Marqeta offers

  • Multiple health insurance options
  • Flexible time off – take what you need
  • Retirement savings program with company contribution
  • Equity in a publicly-traded company and an Employee Stock Purchase Program
  • Family-forming benefits, fertility support, and up to 20 weeks of Parental Leave
  • Free therapy sessions, financial and professional coaching, and legal advice
  • Monthly stipend to support our remote work model
  • Annual “development dollars” to support our people growth and development
 Apply this job
Please mention that you found this job on remotewlb.com. Thanks & good luck!
 Apply
 Save
Share to :

Marqeta

New Job Alert

COMING SOON~
Follow us on
Give a ⭐ on
Similar Jobs
Find more remote jobs
Do you love using our product?

Share a testimonial/suggestion.We'd love to hear about it!

Click to submit✍️
logo of sitemark

Copyright © RemoteWLB 2025

Browse by Category

Remote Dev JobsRemote Support JobsRemote Design JobsRemote Sales JobsRemote Product JobsRemote Business JobsRemote Data JobsRemote Devops JobsRemote Finance JobsRemote Legal JobsRemote HR JobsRemote QA JobsRemote Write JobsRemote Edu JobsRemote Market JobsRemote Management JobsRemote Others Jobs

Browse by Skills

Remote Python JobsRemote Go JobsRemote Java JobsRemote C# JobsRemote PHP JobsRemote Nodejs JobsRemote React JobsRemote Vue JobsRemote Angular JobsRemote IOS JobsRemote Rust JobsRemote Ruby JobsRemote Backend JobsRemote Frontend JobsRemote Fullstack Jobs

Others

BlogTestminationPrivacy policyBuy me a coffeeAbout usResume Builder