Palo Alto, CA
The Security team's mission is to secure our products and by extension, protect our clients and their accounts. Our security program has two goals: being security specialists for our product and engineering teams and ensuring the security of Wealthfront’s systems and data.
Reporting to our Head of Security, you'll work with staff across the company, to enhance the security of our product throughout the development and deployment lifecycle. At Wealthfront, Security is part of our Engineering organization, so you’ll need to be comfortable engaging as a partner and collaborator.
- Ensure the security of our codebase, production infrastructure and client data
- Collaborate with engineering and product to continuously improve our security posture
- Mentor engineers on security engineering and best practices
- Identify, coordinate, lead, and deliver security projects
- Build automated security tests, tooling, monitoring, and alerting
- Research security vulnerability disclosures and design and propose appropriate mitigations
- Participate in security response and join the security on-call rotation (~ 1 week / month)
- Mandatory: 2+ years USA based engineering experience (post graduation) in any security domain (eg: SDL, pentesting, fuzzing, threat modeling, attack surface reduction, source code analysis tools, vulnerability scanning, SIEM, threat intel, SecOps, CorpSec, ProdSec, DevOps)
- Understanding of current security threats, real-world attacks and mitigations
- Ability to evaluate and clearly communicate security options and tradeoffs
- Significant knowledge of secure coding practices, and a passion for helping other engineers embody them
- Experience programming in at least one scripting language
- BS or MS in computer science or related field, or equivalent professional experience
We employ engineers with diverse backgrounds, and you’ll be a good candidate for a position in our Security team if you have experience in any of the following:
- Software development experience in Java
- Automated testing, continuous integration / continuous deployment (Jenkins), or configuration management (Chef / Puppet)
- Hands on experience analyzing network traffic (HTTP, TLS, DNS, etc)
- Linux systems, TCP/IP networking, routing, firewalls, or IDS
- Experience with secure networking best practices
- Experience implementing security features in hybrid bare-metal/hosted environments such as full disk encryption
- Tools such as: burpsuite, w3af, BeEF, Nessus, Nexpose, Seccubus, shodan, Metasploit, Qualys, tcpdump, or wireshark
- Familiarity with ops-trust, FIRST, OWASP, NIST, CVE, CVSS, etc
Everyone across the financial spectrum deserves to live secure and rewarding lives. In order to successfully serve clients across the United States, the Wealthfront team is focused on hiring team members with a diverse range of backgrounds, experiences and perspectives. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Wealthfront is a nextgen banking service. We help you manage your money for both your short-term and long-term goals by providing a cash account with a top-of-market APY, best-in-class automated investment management, and free financial advice, anytime you want it. We entered into the banking space in a big way this past year with the launch of our cash account that offers an interest rate 18x greater than the national average. We’ve been overwhelmed by the response and grew over 100% last year to manage over $23 billion in total client assets.
Our ultimate vision is to optimize and automate all of our clients’ finances and build what we call Self-Driving Money™️. We want clients to be able to automatically deposit their paycheck into their Wealthfront account, and let us take care of the rest — paying their bills, topping off their emergency fund or 401(k), and investing the rest based on their specific goals and lifestyle. To get there, we’ll be focusing the bulk of our 2020 efforts on creating a better alternative to what the banking industry provides. Join us so you can help us turn this industry on its head and build a service that our clients don't just like, they love.