Systems Security Engineer
Credit Karma is working to make financial progress possible for everyone. The Platform Engineering team plays a pivotal role in this mission and influences how we deliver service to the world this is role is critical, Credit Karma’s 60 million members ultimately drive our business.
Security is a core value at Credit Karma. We help millions of people better manage their credit. Safeguarding their sensitive information is critical to our continued success. From the CEO down to each individual developer, everyone views security as a personal responsibility. Your unique mission as an System Security Engineer is to shape corporate and production infrastructure to defend itself against the evolving threat landscape and scale with the rapid growth of the company.
We are looking for an experienced Security focused Systems Engineer to help lead and grow our Infrastructure and service portfolio If you're an expert Systems Engineer and you have a passion for security, this role could be for you!
What You'll Do
- Conceive, architect, and direct implementation of the systems and processes that provide the authentication, and identity management for infrastructure controls for all Credit Karma operating environments.
- Own the strategic vision for System security, including implementation, and ensure that they are aligned with the Information Security policies and operations strategies.
- Support secure development lifecycle practices that emphasize early security design review to ensure that rapid iteration stays firmly planted in a strong authentication foundation.
What's Great About It?
- A satisfying mission, working to make financial progress possible to everyone – free of charge.
- Carrying out two positive missions at the same time: helping people take back control of their credit and helping to keep their personal information safe.
- Tackling a wide variety of challenges, as opposed to being limited to just a few areas of responsibility.
- Solving security problems at scale in a highly technology-focused team.Spending zero minutes convincing anyone why security is important - we all understand that very well already!
What We Expect:
- Strong unix development and operations background, with a solid grasp of all aspects of things IP, TCP, HTTP, and on upAs a hands-on technical specialist, handle complex and detailed technical work necessary to establish and maintain secure cloud security.
- Experience with version control and cloud deployment toolsStrong understanding of security models surrounding encryption, authentication, authorization and access controls.Understanding of cloud services, relational DBs, Linux virtualization (KVM, ESXI), and Linux containerization (Docker/LXC) technologies
- B.S. in Computer Science or related technical major (M.S./PhD preferred), or significant job experience.Minimum 10 years experience with customer-facing production infrastructure.
- Minimum 5 years operational security experience, including time in an architect role.
- Technical depth in many, if not most of the following areas: LAMP stack, Node.js, Scala/Java, network routing and firewalls, virtualization, containerization, virtual terminal solutions, intrusion detection/prevention, mobile, SaaS security, utility computing, PKI, HTTP-based SOA/microservices, and Identity and Access Management.
- Thorough understanding of InfoSec control frameworks and how they can be realistically implemented.
- Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns.
- Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change.A fun and positive attitude!
Back to top