RemoteLeaf Logo
Log in Sign up

Principal Security Engineer, Product & AI

2 weeks, 6 days ago
United States
Full-time
Lead
Security Engineer
Cybersecurity
AWS Generative AI Go Java Kubernetes LLM Machine Learning Network Security Python PyTorch SIEM TensorFlow Terraform
Apply Now
Marqeta

Marqeta

Marqeta is a pioneer in modern card issuing and payment solutions, offering businesses instant card issuance and payment processing through their innovative open API platform.

Diversified Financial Services
251-1K
Founded 2010
View All Jobs 26

Description

  • Lead product security engineering for the payment platform, including threat modeling, security architecture review, secure SDLC practices, and API security.
  • Build and mature the AI security program by developing genAI controls, securing ML pipelines, and supporting model evaluations with the Model Risk Office.
  • Provide security architecture oversight across infrastructure and enterprise security, including endpoint protection, network security, VPN, and corporate security controls.
  • Shape how security engineering scales through tooling, frameworks, security champions engagement, and partnerships with engineering teams.
  • Conduct security architecture reviews and threat modeling for new product features, APIs, and service integrations.
  • Define and maintain secure development lifecycle practices, including secure code review standards, API security patterns, and authentication and authorization frameworks.
  • Develop self-service security tooling and developer-facing guardrails that reduce friction while maintaining security posture.
  • Lead security strategy and risk assessment for AI/ML systems, including customer-facing AI products, fraud detection models, LLM integrations, and recommendation systems.
  • Perform security assessments of AI/ML model architectures, training pipelines, inference endpoints, and deployment infrastructure.
  • Partner with product security, infrastructure security, security operations, engineering, data science, and compliance, while mentoring security engineers and communicating risks to executive and board audiences.

Requirements

  • 10+ years of security engineering experience with demonstrated technical leadership across multiple security domains, or an equivalent combination of education and experience.
  • Deep product security expertise in threat modeling, security architecture review, secure code review, API security, authentication and authorization design, and secure SDLC practices.
  • Experience with or strong interest in AI/ML security, including adversarial attacks, model poisoning, prompt injection, data privacy, and AI supply chain threats.
  • Broad security fluency across infrastructure and enterprise security, including endpoint protection, network security, identity, and cloud security.
  • Experience working in cloud-native environments, with AWS preferred, and familiarity with AI/ML services such as Bedrock and SageMaker.
  • Proven ability to build security frameworks, tools, and programs from the ground up.
  • Strong programming skills in at least one language such as Python, Java, or Go, with the ability to read and review code across multiple languages.
  • Experience with security assessment methodologies and risk management frameworks.
  • Working knowledge of compliance and control frameworks relevant to financial services, including PCI DSS, SOX, SOC2, and NIST CSF.
  • Ability to communicate complex security risks to both technical and executive audiences.
  • Financial services or fintech experience is strongly preferred.
  • Experience securing payment processing systems, card issuing platforms, fraud detection models, or transaction monitoring infrastructure is preferred.
  • Hands-on experience with LLM security, including prompt injection mitigation, output filtering, RAG security, and agent security patterns, is preferred.
  • Experience with enterprise security platforms such as EDR, SIEM, identity providers, and network security tools is preferred.
  • Experience with ML frameworks such as PyTorch or TensorFlow, or a background in data science or machine learning engineering, is preferred.
  • Knowledge of AI governance, model risk management practices, and emerging AI regulatory frameworks such as the EU AI Act and NIST AI RMF is preferred.
  • Background in supply chain security, CI/CD pipeline security, or secure software composition analysis is preferred.
  • Experience with Kubernetes, containerized workloads, and Infrastructure as Code such as Terraform is preferred.
  • CISSP, CCSP, CISA, or other relevant security certifications are preferred.

Benefits

  • Remote-first Flexible First work model, with the role available anywhere within the United States or from the Oakland office.
  • Competitive base salary ranging from $218,300 to $321,000 depending on location tier.
  • Annual bonus eligibility tied to individual performance and company success.
  • Multiple health insurance options.
  • Flexible time off.
  • Retirement savings program with company contribution and after-tax contributions.
  • Equity in a publicly traded company plus an Employee Stock Purchase Program.
  • Family-forming benefits, fertility support, and up to 20 weeks of parental leave.
  • Free therapy sessions, financial and professional coaching, and legal advice.
  • Monthly stipend to support remote work.
  • Annual development dollars for learning and growth.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

6sense

Sr. Security Engineer, Field Security

6sense 1K-5K IT Services

6sense is hiring a Senior Security Engineer, Field Security to lead customer-facing security assurance efforts and support trust-building across sales, product, and security operations.

Costa Rica Full-time Senior Security Engineer
59 minutes ago
Backblaze

Sr. AI Security Engineer

Backblaze 251-1K IT Services

Backblaze is seeking a Senior AI Security Engineer to design and implement safeguards for internal AI use, with an emphasis on agentic systems, developer protection, and runtime security.

Mexico Colombia Argentina Costa Rica Senior AI (Artificial Intelligence) Security Engineer
Go Java OpenTelemetry Python Secrets Management TypeScript
3 hours, 58 minutes ago
DaCodes

Principal AI Security Engineer - LATAM & Mexico - English Required

DaCodes 51-250 Internet Software & Services

DaCodes is seeking a Principal AI Security Engineer to lead security design and governance for Generative AI, LLM, AI agent, and MLOps environments across enterprise and cloud platforms.

Chile Colombia Uruguay Mexico Argentina Full-time Lead AI Engineer Security Engineer
Active Directory AWS Azure C# Cybersecurity DevSecOps GCP Generative AI Git GitHub GitHub Actions Go Java Jenkins Linux LLM Microservices MLOps Python REST API Secrets Management Terraform
5 hours, 43 minutes ago
AHEAD

DevSecOps Engineer

AHEAD 1K-5K IT Services

AHEAD is seeking a DevSecOps Engineer in Gurugram to help build and secure AWS platform environments, standardize delivery practices, and improve developer tooling for cloud-based application teams.

India Full-time Senior DevOps Engineer Security Engineer
API Gateway AWS Bash GitHub Actions Python Serverless Terraform WAF
7 hours, 46 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers