Senior Application Security Engineer

The role

SoFi Application Security team assists and partners with engineering, product and design organizations. Our mission is to secure the products and services delivered to our members and customers.

We deploy best in class Application Security practices, compliance frameworks, and design patterns by collaborating with product owners, engineers, and executives.

The mission is core to SoFi’s value Put our member’s interest first .

As a Senior Application Security Engineer, you will be responsible for building and implementing security tools and services to support the development of SoFi’s platforms, products, and services.

You will work in conjunction with Product security engineers, development, and product teams to to bake security controls into software development lifecycle.

This role is pivotal to build security with agility and help SoFi scale.

The ideal candidate will be highly collaborative, balancing the right level of security with business objectives, and working to creatively solve complex Application Security related problems in an agile environment.

What you’ll do :

Conduct application security design reviews to identify potential vulnerabilities and recommend mitigation strategies.

Perform comprehensive code reviews to ensure adherence to security best practices and identify security flaws.

Develop and implement security services, leveraging coding skills to create robust and scalable solutions.

Collaborate with development teams to integrate security into the software development lifecycle.

Design security features and controls to protect applications from threats and ensure compliance with security standards.

Provide guidance and mentorship to developers on secure coding practices and security architecture.

Stay current with the latest security trends, tools, and technologies to proactively address emerging threats.

Contribute to the continuous improvement of security processes and practices within the organization.

What you’ll need :

At least 3-5 years of experience in Python, Java or Golang, emphasizing writing clean, maintainable, and secure code.

Deep understanding of security fundamentals, including the OWASP Top 10 and best practices for application security.

Demonstrated understanding on CI / CD pipeline security best practices.

Knowledge of network and web-related protocols (e.g., TCP / IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) and their security implications.

Understanding of the Application Layer of the OSI model and its security considerations.

Experience with securing mobile applications, understanding of mobile security best practices, and knowledge of platform-specific security features.

Strong understanding of API security, including best practices for securing RESTful and GraphQL APIs.

Ability to effectively prioritize and manage multiple work streams, ensuring timely and accurate delivery of security solutions.

Strong written and verbal communication skills for articulating complex security concepts and solutions to technical and non-technical stakeholders alike.

Strong understanding of data security principles and cryptography.

Preferred Qualifications :

Bachelor's degree in computer science or equivalent from a fully accredited college or university

4+ years' experience in Application security engineering

Experience with cloud-native products and an in-depth understanding of microservice topologies and implementations

4+ years of experience with programming in Golang or Python

Knowledge of CI / CD, application development, and testing tools

Ability to work in a fast-paced and Agile development environment

Work and play well with others; SoFi is a collaborative environment

Experience implementing data security solutions such as encryption, masking or tokenization

Nice to have :

Open-source projects and / or contributions to open-source community

AWS Certified Security / Solution Architect

Master's or PhD in Computer Science or Engineering

Financial services experience

Compensation and Benefits

The base pay range for this role is listed below. Final base pay offer will be determined based on individual factors such as the candidate’s experience, skills, and location.

To view all of our comprehensive and competitive benefits, visit our Benefits at SoFi page!

Pay range : $124,800.00 - $234,000.00

Payment frequency : Annual

This role is also eligible for a bonus, long term incentives and competitive benefits. More information about our employee benefits can be found in the link above.