Talent.com
Senior Security Engineer
Senior Security EngineerMedium • San Francisco, CA, United States
Senior Security Engineer

Senior Security Engineer

Medium • San Francisco, CA, United States
23 hours ago
Job type
  • Full-time
Job description

About GoodLeap

GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap’s proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018.

GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America.

Position Summary

The GoodLeap security team is responsible for both business enablement and safeguarding the organization’s information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap’s customers, partners, and employees information.

The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services.

Your oversight will encompass :

  • Enterprise systems : Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and / or mitigating or compensating controls to meet resilience requirements.
  • Build-time controls : Managing applications / products security controls and activities during development.
  • Runtime controls : Overseeing security measures at runtime, from prevention to detection and response.

Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments / teams. You will also have the authority and ability to involve other security team members as needed.

While you will take on multiple responsibilities—from advisor to builder and beyond—your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering.

Essential Job Duties & Responsibilities

  • Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes.
  • Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and / or mitigating or compensating controls to meet resilience requirements.
  • Support or develop components of the security analytics platform.
  • Contribute to investigations, threat hunting, and incident response activities in a supporting role.
  • Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns.
  • Support the security operations team with the vulnerability management lifecycle for products and services under your purview.
  • Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities.

    • Required Skills, Knowledge & Abilities

  • Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences.
  • Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization.
  • Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments.
  • Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and / or Azure is a plus).
  • Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble.
  • Hands‑on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc.
  • Strong understanding of both human and non‑human identity management and common enterprise and consumer authentication standards and use cases.
  • Practical experience with CI / CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault.
  • Passionate about learning new technologies. While you’re not expected to know everything, you should demonstrate a willingness and ability to learn as needed.
  • Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross‑functional areas.
  • Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments.
  • Experience engaging with vendors in design partnerships.
  • Experience overseeing vulnerability and threat management at the platform and application levels.
  • Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement.
  • Ability to balance a high‑level view of security strategy with attention to detail, ensuring thorough and effective execution.

    • $146,000 - $170,000 a year

    In addition to the above salary, this role may be eligible for a bonus.

    Additional Information Regarding Job Duties and Job Descriptions

    Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position / department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law.

    If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today!

    We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.

    #J-18808-Ljbffr

    Create a job alert for this search

    Senior Security Engineer • San Francisco, CA, United States

    Related jobs
    Senior Security Engineer

    Senior Security Engineer

    Medium • San Francisco, CA, United States
    Full-time
    GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, w...Show more
    Last updated: 1 day ago • Promoted
    Senior Security Engineer, Blockchain

    Senior Security Engineer, Blockchain

    Robinhood • Menlo Park, CA, United States
    Full-time
    Join us in building the future of finance.Our mission is to democratize finance for all.An estimated $124 trillion of assets will be inherited by younger generations in the next two decades.The lar...Show more
    Last updated: 10 days ago • Promoted
    Senior Security Engineer

    Senior Security Engineer

    Qualified • San Francisco, CA, United States
    Full-time
    Qualified is the Agentic Marketing Platform for B2B companies.With Piper the AI SDR Agent, Qualified offers a whole new way to grow inbound pipeline. Piper operates across both the website and email...Show more
    Last updated: 30+ days ago • Promoted
    Senior Security Engineer

    Senior Security Engineer

    EchoTwin AI • San Francisco, CA, United States
    Full-time
    EchoTwin AI is pioneering AI-driven infrastructure intelligence, redefining how cities are managed.Powered by a proprietary visual intelligence engine with full spatial reasoning, EchoTwin transfor...Show more
    Last updated: 7 days ago • Promoted
    Senior Security Engineer

    Senior Security Engineer

    Loft Orbital • San Francisco, CA, United States
    Full-time
    Loft Orbital is revolutionizing access to space by building reliable, shareable satellites that drastically reduce the time and complexity traditionally required to get to orbit.We operate satellit...Show more
    Last updated: 30+ days ago • Promoted
    Senior / Staff Enterprise Security Engineer

    Senior / Staff Enterprise Security Engineer

    Abridge • San Francisco, CA, US
    Full-time
    Senior / Staff Enterprise Security Engineer Join to apply for the.Senior / Staff Enterprise Security Engineer.About Abridge Abridge was founded in 2018 with the mission of powering deeper understanding...Show more
    Last updated: 10 days ago • Promoted
    Senior Security Engineer - Corporate Security

    Senior Security Engineer - Corporate Security

    Rippling • San Francisco, CA, US
    Full-time
    Senior Security Engineer - Corporate Security Join to apply for the Senior Security Engineer - Corporate Security role at Rippling. About Rippling Rippling gives businesses one place to run HR, IT, ...Show more
    Last updated: 30+ days ago • Promoted
    Senior Security Engineer

    Senior Security Engineer

    Cohere • San Francisco, CA, United States
    Full-time
    Our mission is to scale intelligence to serve humanity.We’re training and deploying frontier models for developers and enterprises who are building AI systems to power magical experiences like cont...Show more
    Last updated: 8 days ago • Promoted
    Senior Security Engineer

    Senior Security Engineer

    LiveRamp • San Francisco, CA, United States
    Full-time
    LiveRamp is the data collaboration platform of choice for the world’s most innovative companies.A groundbreaking leader in consumer privacy, data ethics, and foundational identity, LiveRamp is sett...Show more
    Last updated: 23 hours ago • Promoted
    Senior Offensive Security Engineer

    Senior Offensive Security Engineer

    CHYM • San Francisco, CA, United States
    Full-time
    We are seeking a Senior Security Engineer to build and lead our Offensive Security program.In this role, you will attack Chime's services, applications, and infrastructure to discover security issu...Show more
    Last updated: 17 days ago • Promoted
    Senior Security Engineer

    Senior Security Engineer

    Sysdig • San Francisco, CA, United States
    Full-time
    At Sysdig, we believe cloud security isn't a compromise — it's a promise.From the start, our mission has been clear : to help organizations secure innovation in the cloud, the right way.We created F...Show more
    Last updated: 30+ days ago • Promoted
    Senior Security Engineer

    Senior Security Engineer

    Loft Orbital, Inc. • San Francisco, CA, United States
    Full-time
    Loft Orbital is revolutionizing access to space by building reliable, shareable satellites that drastically reduce the time and complexity traditionally required to get to orbit.We operate satellit...Show more
    Last updated: 30+ days ago • Promoted
    Senior Security Engineer

    Senior Security Engineer

    EchoTwin AI, Inc. • San Francisco, CA, United States
    Full-time
    EchoTwin AI is pioneering AI-driven infrastructure intelligence, redefining how cities are managed.Powered by a proprietary visual intelligence engine with full spatial reasoning, EchoTwin transfor...Show more
    Last updated: 30+ days ago • Promoted
    Senior Offensive Security Engineer

    Senior Offensive Security Engineer

    Chime • San Francisco, CA, United States
    Full-time
    We are seeking a Senior Security Engineer to build and lead our Offensive Security program.In this role, you will attack Chime’s services, applications, and infrastructure to discover security issu...Show more
    Last updated: 30+ days ago • Promoted
    Senior Security Engineer

    Senior Security Engineer

    EvenUp • San Francisco, CA, United States
    Full-time
    EvenUp is a venture-backed generative AI startup that ensures injury victims are awarded the full value of their claims, expanding the $100B+ in awards granted to injury victims every year.Every ye...Show more
    Last updated: 30+ days ago • Promoted
    Senior Security Engineer

    Senior Security Engineer

    Hayden AI • San Francisco, CA, United States
    Full-time
    At Hayden AI, we are on a mission to harness the power of computer vision to transform the way transit systems and other government agencies address real-world challenges.From bus lane and bus stop...Show more
    Last updated: 30+ days ago • Promoted
    Senior Security Engineer

    Senior Security Engineer

    EvenUp Inc. • San Francisco, CA, United States
    Full-time
    EvenUp is on a mission to close the justice gap using technology and AI.We empower personal injury lawyers and victims to get the justice they deserve. Our products enable law firms to secure faster...Show more
    Last updated: 17 days ago • Promoted
    Senior Security Engineer - Offensive Security

    Senior Security Engineer - Offensive Security

    Plaid • San Francisco, CA, US
    Full-time
    Senior Security Engineer - Offensive Security Join to apply for the.Senior Security Engineer - Offensive Security.We believe that the way people interact with their finances will drastically improv...Show more
    Last updated: 2 days ago • Promoted