Staff Infrastructure Security Engineer

The Infrastructure Security Engineer will work to ensure the privacy and integrity of our users’ sensitive information. Their objective will be to build core security tooling for platforms that perform the collection, computation, aggregation, and storage of personal financial data and partner with technical teams across the company, advising them on secure design patterns for cloud and corporate infrastructure. They will lead strategic initiatives to remediate and mitigate infrastructure security risk across the organization.

Projects you may be working on in this position include:

Design the security controls, automations, and infrastructure to support self-service AWS account creation and administration
Build tools to perform continuous monitoring, reporting, and remediation of cloud security issues
Design pragmatic baseline security controls to support new business units and rapid prototyping
Perform security design reviews for critical partnerships and new technologies

Where you can make an impact:

Develop and deploy security controls and measures to protect cloud-based infrastructure and services. This includes defining what good security looks like for cloud infrastructure and executing on initiatives that get us here. Ensure that security measures align with industry best practices and regulatory requirements.
Serve as a subject matter expert on cloud security matters, providing guidance and support to other engineering teams leveraging various tech stacks. This involves assisting with the design and implementation of secure network/infrastructure architectures and advising on security best practices.
Develop and implement automation scripts and workflows to streamline security operations and ensure consistent enforcement of security controls across cloud environments. Leverage Infrastructure as Code (IaC) tools such as Terraform to define and deploy security configurations programmatically.
Assess the security posture of public cloud environments. This involves reviewing configurations, access controls, identity management, encryption mechanisms, and compliance frameworks to identify potential security gaps and risks.
Monitor cloud environments for security events and anomalies, such as unauthorized access attempts, data breaches, and configuration changes. Utilize cloud-native security tools and SIEM (Security Information and Event Management) platforms to collect and analyze security logs and alerts. Respond promptly to security incidents, investigating root causes and implementing remediation actions.

You are:

A subject matter expert in AWS security controls and industry best practices for building secure cloud environments
Pragmatic in your approach to reducing risk in a manner that incorporates business and product needs
Focused on building scalable cloud security solutions that allow for a high degree of engineering autonomy while reducing risk to acceptable levels
Excited to lead roadmap items outside your core competencies to move the program forward and adapt to prioritize critical tasks as they arise
An ambassador for fostering a respectful, blameless, and collaborative work environment

Your experience:

We recognize not everyone will meet all of the criteria. If you meet most of the criteria below and you’re excited about the opportunity and willing to learn, we’d love to hear from you.

5+ years of experience in a professional cloud security engineering role with a focus on AWS.
2+ years experience writing infrastructure as Code (IaC) for production or environments using Terraform or other IaC tools.
Experience building in Python and comfortable with learning other programming languages as needed.
Experience building security integrations into CI/CD pipelines.
Experience in security monitoring, triage and incident response in cloud and corporate environments.
Experience building highly-scalable cloud security solutions with a high degree of autonomy while taking informed risks to move the business forward.
Demonstrated ability to work collaboratively and constructively with cross-functional stakeholders to support the needs of the business while evaluating and addressing risk.
Can mentor/coach junior engineers and provide them guidance when needed.
Demonstrated ability to identify and drive process improvements needs.
Experience driving large-scale security engineering projects across multiple cloud environments.


This role will be based in San Francisco, CA or remote (based in the U.S. or Canada).
We believe great work can be done anywhere. No matter where you are based, NerdWallet offers benefits and perks to support the physical, financial, and emotional well being of you and your family.

What we offer:

Work Hard, Stay Balanced (Life’s a series of balancing acts, eh?)

Industry-leading medical, dental, and vision health care plans for employees and their dependents
Rejuvenation Policy – Flexible Time Off + 13 holidays + 4 Mental Health Days Off
New Parent Leave for employees with a newborn child or a child placed with them for adoption or foster care
Mental health support through Headspace
Financial wellness, guidance, and unlimited access to a Certified Financial Planner (CFP) through Northstar
Paid sabbatical for Nerds to recharge, gain knowledge and pursue their interests
Health and Dependent Care FSA and HSA Plan with monthly NerdWallet contribution
Weekly Virtual Bootcamp, Yoga, and Mindfulness Meditation sessions
Monthly Wellness Stipend, Cell Phone Stipend, and Wifi Stipend

Have Some Fun! (Nerds are fun, too)

Nerd-led group initiatives – Intramural Sports, Employee Resource Groups for Parents, Diversity and Inclusion, Women, LGBTQIA, and other communities
Hackathons, Happy Hours, and team events across all teams and departments
Company-wide events like Little Nerds Day (aka bring your kids to work day, even if you’re remote!) and our annual Charity Auction

Lifestyle (Be your best self – we’ll take care of the details)

Our Nerds love to make an impact by paying it forward – Donate to your favorite causes with a company match
Work from home equipment stipend and co-working space subsidy
Anniversary recognition program – choose from different items and experiences
Commuting stipend

Plan for your future (And when you retire on your island, remember the little people)

401K with company match
Annual Enrichment Stipend for learning and development
Be the first to test and benefit from our new financial products and tools
Access to Rocket Lawyer for online legal support and resources

If you are based in California, we encourage you to read this important information for California residents linkedhere.

NerdWallet is committed to pursuing and hiring a diverse workforce and is proud to be an equal opportunity employer. We prohibit discrimination and harassment on the basis of any characteristic protected by applicable federal, state, or local law, so all qualified applicants will receive consideration for employment.

NerdWallet participates in the Department of Homeland Security U.S. Citizenship and Immigration Services E-Verify program for all US locations. For more information, please see:

E-Verify Participation Poster (English+Spanish/Español)
Right to Work Poster (English) / (Spanish/Español)

Base pay offered may vary within the posted range based on several factors, including but not limited to education, job-related knowledge, skills, experience, and location.

The pay range for this role is
$152,000$282,000 USD

Originally posted on Himalayas


Leer más

Infrastructure Security Engineer, Sr. Infrastructure Security Engineer, Infrastructure Security Engineering Leader, Security Engineering Team Member 

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

Recibe las nuevas ofertas de trabajo

Accede a herramientas de Empleabilidad TOP

Te enviaremos las herramientas I.A. a tu correo (para optimizar tu CV, Networking, LinkedIn y más)