Security Software Engineer
What the Job Entails
- Evaluate the key frameworks (and their ecosystems) that form the core platform for Credit Karma Engineering, looking for areas where framework improvements could eliminate the potential for vulnerabilities to be introduced.
- Envision, design and implement core libraries and wrappers which surface key security concerns and automatically address them wherever possible.
- Help make sure security capabilities are used correctly.
- Support vulnerability remediation by recommending holistic solutions instead of brittle point-fixes.
- Refactor existing codebase to leverage new security framework capabilities with an eye toward transition from monolithic to service-oriented architecture.
Our Ideal Candidate
- B.S. in Computer Science or related technical major or significant job experience.
- Minimum 5 years security experience, both as a builder and breaker, preferably.
- Technical depth in many, if not most of the following areas: LAMP stack, Node.js, Scala/Java, mobile, PKI, HTTP-based SOA/microservices, encryption, hashing, tokenization, secure randomness, Hardware Security Modules (HSMs), canonicalization, output encoding, message-based security, rate-limiting, anti-automation, role-based access control (RBAC), and large-scale data transport.
- Working knowledge of all vulnerability classes on the OWASP Periodic Table of Vulnerabilities, with strong conceptualization of designs that make it impossible for developers to introduce those vulnerabilities.
- Thorough understanding of InfoSec control frameworks and how they can be realistically implemented.
- Thought leadership in the security field, with demonstrable contributions to industry groups strongly desired.
- Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns.
- Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change.
- A fun and positive attitude!
Meet Some of Credit Karma's Employees
Jonathan works cross-functionally to develop products that help people feel in control of their credit, their options, and their futures.
Back to top