Work for one of our awesome portfolio companies

Red Dog Capital
Red Dog Capital

Senior Security Engineer



Software Engineering
New York, NY, USA
Posted on Monday, May 29, 2023
Senior Security Engineer at Grain (W20)
$140K - $190K  •  0.30% - 0.40%
Grain transforms the debit card you already have into a credit card by linking it to a line of credit based on your cash flow.
3+ years
About Grain

Grain replaces credit cards with a safe line of credit attached to the user’s existing debit card. So, we do not issue a card whatsoever. We give ~100M Millennials, Gen Zs and immigrants a line of credit based on their debit card activity that they can use to establish credit history or ease their cash flow.

About the role
Skills: Elasticsearch, JavaScript, Python, Kibana, Amazon Web Services (AWS)

As the first security engineer hire it can not be stressed enough how pivotal and foundational your work will be to the company.

About Grain:

Grain turns your debit card into a credit card by syncing with your primary checking account, analyzing your cashflow; then offering up a line of credit tailored to you (not your credit score). We never run a credit check. We never reject anyone. We don’t issue a physical card. Millennials, Gen Zs, and immigrants are using Grain as an alternative to the credit card in order to establish credit history or ease their cash flow.

We're challenging the notion that debit and revolving credit need to be distinct, siloed products. We believe that one should very much inform the other - one card with access to both.

We’re a YC-backed and venture funded startup. Since launching last year, we’ve been growing about 127% MoM on average with a 4.8 ratings on the App Store.

What you'll do:

  • Audit, assess, and grade our current security level and make recommendations and policies
  • Identify and establish the company's attack surface and possible risk
  • Investigate incidents and attacks using centralized logging tools
  • Create internal penetration tests and manage 3rd party penetration tests
  • Recommend and setup threat detection and monitoring services
  • Automate vulnerability discovery
  • Support product development by recommending and implementing security processes
  • Identify security requirements that map to product features
  • Setup IAM and access management in AWS and other tools
  • Establish an incident report and management process
  • Educate engineering team on security best practices and risks
  • Communicate technical concepts and issues to the non-technical
  • Instill a culture of security across the company; become the security expert
  • Assist in building out the security team; interviewing

About you:

  • 5+ years as a security engineer or comparable title
  • Experience in securing production cloud infrastructure and applications (managing secrets, securing CI/CD pipeline, authorization/authentication protocols, Web Application Firewalls, etc)
  • Experience in using centralized logging and monitoring systems for investigation and audits (Elasticsearch, Kibana, Grafana, Papertrail, NewRelic, etc)
  • Strong knowledge of common exploits, vulnerabilities, attack methods and defensive strategies (Endpoint Detection & Response, XSS, Man-in-the-Middle, etc)
  • Direct experience in cyber attack recovery and resolution Understanding of different cryptographic algorithms and their application
  • Experience with scripting and automation (Python, JavaScript, etc)
  • Experience with AWS and AWS services
  • Experience with bug tracking tools and software development
  • Organized; team and goal oriented

Bonus points:

  • Familiar with compliance standards (SOC 2, NIST, PCI DSS, etc) *Familiar with Cybersecurity frameworks (NIST 800-53, NIST CSF, CIS Top 20, MITRE ATT&CK)
  • Security certificate holder (OSCP, OSWP, CISSP, CISM, CISA, CEH, CIPP, etc)
  • Participation in Cybersecurity competition (Global Cyberlympics, Cyber quests, iCTF Competition)
  • Experience in FinTech
  • Experience in financial fraud detection and prevention techniques and strategies
  • Experience with backend software development (JavaScript, NodeJS)
  • Experience in small to mid startups

Benefits & Perks:

  • Medical
  • Dental
  • Vision
  • $1,500.00 professional development budget
  • Fitness/Wellness reimbursement
  • Internet reimbursement
  • Home office $1,000.00 stipend
  • Unlimited PTO with manager approval
  • Mental health days off
  • Annual company offsite

Node.Js Javascript Swift

Other jobs at Grain

fulltimeRemote (US)iOS3+ years

fulltimeNYCBackend$140K - $190K0.30% - 0.40%3+ years

fulltimeRemote (US)$79K - $86K3+ years

fulltimeNew York, Oakland / Remote (US)Backend$110K - $150K0.30% - 0.50%3+ years

fulltimeOakland, CA / Remote (US)Backend$130K - $160K0.40% - 0.70%6+ years

Hundreds of YC startups are hiring on Work at a Startup.

Sign up to see more ›