Remotery

Security Software Engineer, AI & Automation

atNerdWalletRemoteUS flagCaliforniaFull-timeCybersecurity / Security EngineerMid-levelSenior$127k – $207k/year

Posted 3 hours ago

This is a fully remote position, open to applicants in California.

📋 Description

• Collaborate closely with security engineering and infrastructure teams to develop automation and AI-driven solutions that assist in identifying vulnerabilities, enhancing security reviews, and mitigating risks across our platforms.

• Take charge of security engineering projects that integrate software development, AI systems expertise, and security-oriented thinking to address significant challenges at scale.

• Design and construct multi-agent LLM systems and routing logic that automate threat modeling, security design reviews, policy Q&A, and vulnerability assessments at scale.

• Create retrieval-augmented generation (RAG) pipelines and semantic search systems for extensive code and documentation repositories.

• Develop automated code review functionalities that help detect insecure patterns and enhance software quality earlier in the development process.

• Design integrations with tools such as GitHub, Slack, Jira, Confluence, and cloud platforms to incorporate security guidance into daily engineering workflows.

• Build REST APIs and platform services with authentication, authorization, rate limiting, observability, and secure management of sensitive data.

• Design and maintain scalable data processing pipelines for large codebases and document repositories, encompassing extraction, indexing, stream processing, batch jobs, and parallel execution.

• Strengthen AI application security through controls like prompt injection prevention, sensitive data filtering, supply chain security, and secure management of model inputs and outputs.

• Enhance NerdWallet's secure software development lifecycle (SSDLC) through automation, tools, and developer-friendly security practices.

• Collaborate with engineering teams to prioritize and address application and infrastructure security vulnerabilities.

• Assist in incident response and on-call requirements by providing security engineering expertise, tools, automation, and analysis during security incidents.

• Discover new opportunities for automation and AI enhancement across the security team, applying fresh perspectives and independent thinking to a growing backlog of impactful work.


⛳️ Requirements

• 3+ years of experience in software engineering or security engineering.

• Strong expertise in Python or Go for developing production-grade backend services, APIs, and data pipelines; adaptability in switching between languages is expected.

• Experience in building and maintaining backend services, including REST APIs, authentication, authorization, rate limiting, streaming, and observability.

• Working knowledge of application security principles, including common vulnerability types such as injection, broken authentication, cross-site scripting, insecure authorization, and secrets exposure; familiarity with threat modeling and SSDLC practices.

• Practical experience in constructing AI-driven systems utilizing LLM APIs, including retrieval-augmented generation (RAG) pipelines, multi-agent architectures, and semantic search; understanding of AI-specific security risks like prompt injection, sensitive data exposure, and secure management of model inputs and outputs.

• Genuine enthusiasm for AI and its application to security, not merely as a tool but as a domain to deeply understand, including its limitations and risks.

• Experience in developing and managing distributed systems and cloud environments, including message queues, NoSQL databases, AWS, containers, Kubernetes or ECS, serverless, and infrastructure as code.

• Knowledge of caching and performance patterns, including Redis, semantic caching, TTLs, and cache invalidation.

• Excellent communication skills, capable of clearly explaining complex AI and security concepts to both technical and non-technical audiences, and confident in advising stakeholders on trade-offs and limitations.


🏝️ Benefits

• Industry-leading medical, dental, and vision health care plans for employees and their dependents.

• Rejuvenation Policy – Flexible Vacation Time Off + 11 holidays + holiday company shutdown.

• New Parent Leave for employees welcoming a newborn child or a child placed with them for adoption or foster care.

• Mental health support.

• Paid sabbatical after 5 years for Nerds to recharge, gain knowledge, and pursue their interests.

• Health and Dependent Care FSA and HSA Plan with monthly NerdWallet contribution.

• Monthly Wellness Stipend, Cell Phone Stipend, and Wifi Stipend (Only remote Nerds are eligible for the Wifi Stipend).

• Work from home equipment stipend and co-working space subsidy (Only remote Nerds are eligible for these stipends).

People also viewed

BlueLeaders3 hours ago

Formador/a de Oposiciones – Seguridad Social

ES flagSpain OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
Reco3 hours ago

Security Researcher

US flagUnited States OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
Sysdig3 hours ago

Director of Security Engineering

US flagUnited States OnlyFull-timeCybersecurity / Security Engineer$186k – $256k/year
ApplyView job
Westinghouse Electric Company3 hours ago

AI Security Manager

US flagPennsylvania OnlyFull-timeCybersecurity / Security Engineer$130.4k – $163k/year
ApplyView job
Chainguard3 hours ago

Principal Product Security Researcher

CA flagCanada OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
Team Carney, Inc.3 hours ago

Multimedia Graphics Artist

US flagOklahoma OnlyFull-timeCybersecurity / Security Engineer
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers