Principal Security Engineer

Posted Sep 30

Array is a financial innovation platform that helps digital brands, financial institutions, and fintechs get compelling consumer products to market faster. We deliver a suite of credit and identity monitoring tools, privacy protection, and a financial ads marketplace via embeddable widgets or a clean, modern API. Our private label offerings help drive revenue and increase engagement for our customers while empowering millions of consumers to achieve their financial goals.

As a remote-first company, we’re focused on providing opportunities for high performing individuals to have deep impact in the fast growing fintech space. A clear mission, a commitment to continuous improvement and a willingness to experiment empower us individually and together deliver the best products for our clients and users.

As a Principal Security Engineer at Array, you will be responsible for designing, implementing, and maintaining robust security measures to protect our organization from cyber threats and vulnerabilities. You will work closely with cross-functional teams to ensure the confidentiality, integrity, and availability of our systems and data. This role reports to the Vice President of Information Security.

You Will: 

  • Take charge of incident response efforts for system and network security events.
  • Iteratively plan, prioritize, and monitor security measures to safeguard data, systems, and networks.
  • Analyze security event logs, application & network data, and develop analytics to bolster our information security risk posture.
  • Regularly assess IT security levels and ensure production environment hardening.
  • Ensure data and infrastructure protection through the promotion of appropriate security controls.
  • Passively test and identify network and system vulnerabilities, staying ahead of threats.
  • Evaluate architectural changes for security implications and contribute cybersecurity expertise in architecture reviews for Array's API platform.

You Have:

  • Over 12 years of work experience in incident detection, incident response, and forensics.
  • Programming proficiency in at least one language like: Go, Python, Java, or Node.
  • Experience with GitLab DevSecOps features.
  • Strong grasp of NIST standards and OWASP protocols.
  • Experience with Firewalls, IDS/IPS, Security, VSX, and endpoint security.
  • Awareness of new cybersecurity trends, hacking/exploitation techniques, and interest in securing cloud environments.
  • Hands on experience with cloud security, Google Cloud Platform security, and monitoring.
  • Experience securing APIs and hosted infrastructure from cyber exploitation and attack.
  • Knowledge of security across multi-vendor platforms.
  • Experience with ethical hacking.
  • Preferred certifications such as: Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP).

Pay transparency: 

$198,000 - $262,000 Base

The pay range above represents the current low and high end of the compensation band for this position and may change in the future. Actual compensation may vary depending on factors such as candidate skills, qualifications and experience. Other compensation may include equity options and incentives.

Array Offers All Full Time Employees the following Benefits and Perks: 

  • Full medical, dental, and vision, premiums covered at 100% for full-time employees and 70% for dependents
  • Unlimited PTO and sick leave + 14 company holidays to encourage a healthy work-life blend
  • Partnership with Spring Health to support mental health 
  • 100% 401k match up to 4% with immediate vesting 
  • Generous and competitive parental leave for all parents
  • $2,000 medical travel coverage
  • $1,000 desk setup subsidy to set-up your unique remote office 
  • $100/month to subsidize wifi/cell phone expenses
  • Summer Fridays (half-day Fridays) from May to September
  • Arrayaversary Kits for work anniversaries

Not sure if you meet the Qualifications? We know that folks tend to only apply if they check every box. If you think you have the appropriate qualifications, but don’t meet every single one, we encourage you to still apply. We’d love to hear from you.

One of our core values at Array is to care and support one another, and that’s why we strive to create an environment where everyone feels empowered to bring their best selves to work. Diversity, equity, and inclusion foster collaboration, comfort, and confidence. We’re at our collective best when we each feel our best.

We are proud to be an equal opportunity workplace; we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.