Senior Security Engineer, Earnin

• Strong experience in penetration testing, including identifying and exploiting security flaws in web applications, APIs, and infrastructure
• Proficiency in security architecture reviews, understanding of secure design principles, and ability to communicate findings effectively
• Experience creating and critically reviewing data flow diagrams (DFDs) to identify security issues
• Excellent attention to detail and ability to document findings thoroughly
• Programming experience (Python, Java, JavaScript, or similar)
• Experience with security tooling such as Nmap, Burp Suite, Metasploit, or custom-built security scripts
• Familiarity with threat modeling methodologies and security frameworks (e.g., STRIDE, OWASP, NIST)
• Strong understanding of web application security, authentication mechanisms, and cloud security principles
• Ability to work cross-functionally with product, engineering, and security teams to integrate security at every stage of development
• Knowledge of container security (Docker, Kubernetes) and cloud platforms (AWS, Azure)
• Understanding of vulnerability management processes and security risk assessment frameworks

• We are seeking a highly skilled and motivated Offensive Security Engineer to join our security team
• The ideal candidate will be responsible for conducting penetration testing on our company applications, identifying vulnerabilities, and providing actionable recommendations to enhance our security posture. This position is full-time and remote
• Conduct internal penetration testing on our product to identify security vulnerabilities and assess risk
• Perform security architecture reviews for new product features, ensuring robust design and threat mitigation
• Create, analyze, and critically review data flow diagrams (DFDs) to identify potential security weaknesses
• Collaborate with engineering teams to provide secure design recommendations and integrate security best practices
• Ensure thorough documentation and attention to detail in security assessments and findings
• Assist with vulnerability management, including reviewing security findings and prioritizing remediation
• Help develop and maintain security guidelines, best practices, and technical documentation
• Stay updated on the latest security threats, attack techniques, and defensive strategies
• Provide mentorship and security guidance to engineering teams when needed

• 401k
• FSA
• Mental health resources
• Employee Resource Groups
• Stipend for growth opportunities
• Pet friendly office
• Work from home opportunities
• Health insurance

Total funding: $190.1m

Paying bills is an inevitable part of life, but paying them late or dipping into overdrafts can result in fees. This is the reality for millions of workers who have to wait for their pay checks to arrive – and the problem that companies like EarnIn are trying to solve. By allowing hourly workers access to their pay as it is earned rather than on a fixed date, it hopes to provide all Americans with the ability to deal with immediate costs without going into arrears.