Application Security Engineer

Stash is on a mission to give the financial opportunity to all; we want to build financial systems that work for everyone—not just the wealthy. But that takes more than just a mission. It takes great people and an open, inclusive, and diverse environment where innovation and quality can thrive.

We are looking for an Application Security Engineer to join our team and protect our rapidly expanding web and mobile investment platform. As an Application Security Engineer, you’ll be responsible for identifying and architecting solutions that will protect Stash customers, employees and our product from attacks. This individual will utilize the latest technologies and techniques to create the most secure environment possible at Stash.

What you’ll do:

  • Working to identify areas of security vulnerabilities and drive cleverly engineered, scalable solutions that improve our defense-in-depth.
  • Helping other engineers design more secure systems via design input and code review
  • Enhance the SDLC to incorporate security development best practices, testing and auditing
  • Perform penetration tests, vulnerability scans and risk assessments on our microservices and infrastructure
  • Ability to balance our security risk and product advancement by clearly communicating risks to both technical and non-technical audiences.
  • Be a security subject matter expert and respond to any internal security engineering questions/requests
  • Assist with managing our bug bounty program and external testing engagements

What’s Required:

  • Bachelors in Computer Science or a related discipline or equivalent experience
  • 5+ years proven work experience as a security engineer, a software engineer with security experience or equivalent position
  • 2+ years experience working with cloud-based solutions
  • Strong understanding of secure application development practices
  • Experience with conducting security assessments
  • Software development experience with one of the following languages: Ruby on Rails, Scala, Java, or Go
  • Strong scripting experience in Python and/or Bash
  • Exceptional written and oral presentation skills


We believe that diversity and inclusion are essential to living our values, promoting innovation, and building the best products out there. Our success is directly related to the employees that we hire, grow and retain and we believe that our team should reflect the diversity of the customers that we serve.  

As an Equal Opportunity Employer, Stash is committed to building an inclusive environment for people of all backgrounds. We do not discriminate on the basis of race, color, gender, sexual orientation, gender identity or expression, religion, disability, national origin, protected veteran status, age, or any other status protected by law. Everyone is encouraged to apply.

Benefits & Perks:

  • Equity in Stash                           

  • Flexible Vacation

  • Family-Friendly Medical, Dental, and Vision Insurance Plans

  • 401k

  • Learning & Development Stipend

  • Commuter Benefits and Flexible Spending Account (FSA)

  • Employee referral bonuses

  • Stocked fridges & kitchens and catered lunch on Fridays

  • Thursday happy hours  

  • Team outings that do not involve trust falls...

Awards & Recognition:

  • Forbes Fintech 50 Most Innovative Fintech Companies (2019)

  • LendIt Fintech Innovator of the Year (2019)

  • Built in NYC's Best Places to Work (2019)

  • Built in NYC’s Startups to Watch (2018)

  • Wall Street Journal's "Top 25 Tech Companies to Watch" in 2018

  • MarCom Awards Double Gold & Platinum Winner (2018)

  • Webby Award Winner for Best Mobile Sites & Apps in the Financial Services and Banking (2017)

  • W3 Awards Winner for Best User Experience (2017)

**No recruiters, please.

See Inside the Office of Stash

Back to top