Marqeta

Marqeta is a pioneer in modern card issuing and payment solutions, offering businesses instant card issuance and payment processing through their innovative open API platform.

Diversified Financial Services
251-1K
Founded 2010

Description

  • Lead product security engineering for the payment platform, including threat modeling, security architecture review, secure SDLC practices, and API security.
  • Build and mature the AI security program by developing genAI controls, securing ML pipelines, and supporting model evaluations with the Model Risk Office.
  • Provide security architecture oversight across infrastructure and enterprise security, including endpoint protection, network security, VPN, and corporate security controls.
  • Shape how security engineering scales through tooling, frameworks, security champions engagement, and partnerships with engineering teams.
  • Conduct security architecture reviews and threat modeling for new product features, APIs, and service integrations.
  • Define and maintain secure development lifecycle practices, including secure code review standards, API security patterns, and authentication and authorization frameworks.
  • Develop self-service security tooling and developer-facing guardrails that reduce friction while maintaining security posture.
  • Lead security strategy and risk assessment for AI/ML systems, including customer-facing AI products, fraud detection models, LLM integrations, and recommendation systems.
  • Perform security assessments of AI/ML model architectures, training pipelines, inference endpoints, and deployment infrastructure.
  • Partner with product security, infrastructure security, security operations, engineering, data science, and compliance, while mentoring security engineers and communicating risks to executive and board audiences.

Requirements

  • 10+ years of security engineering experience with demonstrated technical leadership across multiple security domains, or an equivalent combination of education and experience.
  • Deep product security expertise in threat modeling, security architecture review, secure code review, API security, authentication and authorization design, and secure SDLC practices.
  • Experience with or strong interest in AI/ML security, including adversarial attacks, model poisoning, prompt injection, data privacy, and AI supply chain threats.
  • Broad security fluency across infrastructure and enterprise security, including endpoint protection, network security, identity, and cloud security.
  • Experience working in cloud-native environments, with AWS preferred, and familiarity with AI/ML services such as Bedrock and SageMaker.
  • Proven ability to build security frameworks, tools, and programs from the ground up.
  • Strong programming skills in at least one language such as Python, Java, or Go, with the ability to read and review code across multiple languages.
  • Experience with security assessment methodologies and risk management frameworks.
  • Working knowledge of compliance and control frameworks relevant to financial services, including PCI DSS, SOX, SOC2, and NIST CSF.
  • Ability to communicate complex security risks to both technical and executive audiences.
  • Financial services or fintech experience is strongly preferred.
  • Experience securing payment processing systems, card issuing platforms, fraud detection models, or transaction monitoring infrastructure is preferred.
  • Hands-on experience with LLM security, including prompt injection mitigation, output filtering, RAG security, and agent security patterns, is preferred.
  • Experience with enterprise security platforms such as EDR, SIEM, identity providers, and network security tools is preferred.
  • Experience with ML frameworks such as PyTorch or TensorFlow, or a background in data science or machine learning engineering, is preferred.
  • Knowledge of AI governance, model risk management practices, and emerging AI regulatory frameworks such as the EU AI Act and NIST AI RMF is preferred.
  • Background in supply chain security, CI/CD pipeline security, or secure software composition analysis is preferred.
  • Experience with Kubernetes, containerized workloads, and Infrastructure as Code such as Terraform is preferred.
  • CISSP, CCSP, CISA, or other relevant security certifications are preferred.

Benefits

  • Remote-first Flexible First work model, with the role available anywhere within the United States or from the Oakland office.
  • Competitive base salary ranging from $218,300 to $321,000 depending on location tier.
  • Annual bonus eligibility tied to individual performance and company success.
  • Multiple health insurance options.
  • Flexible time off.
  • Retirement savings program with company contribution and after-tax contributions.
  • Equity in a publicly traded company plus an Employee Stock Purchase Program.
  • Family-forming benefits, fertility support, and up to 20 weeks of parental leave.
  • Free therapy sessions, financial and professional coaching, and legal advice.
  • Monthly stipend to support remote work.
  • Annual development dollars for learning and growth.
