jobloom

JobLoom finds jobs directly from company career sites before many job boards, then routes you into detailed role pages like this one.

security

Posted May 14

Principal Security Engineer, Product & AI

at Marqeta

United StatesRemote
You are nearing today's limit. Upgrade for unlimited access.
PythonJavaAWSKubernetesTerraformpytorchtensorflow

Responsibilities

  • Lead product security engineering for our payment platform—owning threat modeling, security architecture review, secure SDLC practices, and API security across the engineering organization
  • Shape how security engineering scales across the organization through tooling, frameworks, security champions engagement, and engineering partnerships
  • Conduct security architecture reviews and threat modeling for new product features, APIs, and service integrations across the payment platform
  • Define and maintain secure development lifecycle practices including secure code review standards, API security patterns, and authentication/authorization frameworks
  • Develop self-service security tooling and developer-facing guardrails that reduce friction while maintaining security posture AI Security:
  • Lead security strategy and risk assessment for AI/ML systems including customer-facing AI products, fraud detection models, LLM integrations, and recommendation systems
  • Build genAI security controls—prompt injection prevention, output filtering, model validation, and monitoring frameworks
  • Perform security assessments of AI/ML model architectures, training pipelines, inference endpoints, and deployment infrastructure
  • Evaluate and operationalize AI-powered security tools (e.g., AI-assisted code review, anomaly detection, automated threat intelligence) to improve security operations
  • Ensure coherent security architecture standards across product, cloud infrastructure, and corporate environments
  • Drive technical decisions for security tooling and controls that span the full environment—from developer laptops to production infrastructure Across All Domains:
  • Mentor security engineers and cross-functional teams, raising the organization's overall security engineering maturity

Requirements

  • responsibilities: leading product security engineering across our payment platform, building our AI security program as we scale generative AI and ML capabilities, and providing security architecture oversight across enterprise and infrastructure security.
  • Your primary focus will be product security and AI—threat modeling payment features, securing APIs, building genAI controls, and ensuring AI-powered capabilities ship securely.
  • Help mature our AI security programdeveloping genAI controls, securing ML pipelines, and working alongside the Model Risk Office for model evaluations.
  • experience with demonstrated technical leadership across multiple security domains; or equivalent combination of education and experience
  • Experience working in cloud-native environments (AWS preferred) with familiarity across AI/ML services (Bedrock, SageMaker, etc.)
  • Proven ability to build security frameworks, tools, and programs from the ground up
  • Strong programming skills in at least one language (Python, Java, Go, or similar) with the ability to read and review code across multiple languages •
  • Experience with security assessment methodologies and risk management frameworks
  • Working knowledge of compliance and control frameworks relevant to financial services (PCI DSS, SOX, SOC2, NIST CSF)
  • Ability to communicate complex security risks to both technical and executive audiences Nice to Have:
  • experience with LLM security: prompt injection mitigation, output filtering, RAG security, agent security patterns •
  • Experience with enterprise security platforms (EDR, SIEM, identity providers, network security tools) •
  • Experience with ML frameworks (PyTorch, TensorFlow) or background in data science / machine learning engineering
  • Knowledge of AI governance, model risk management practices, and emerging AI regulatory frameworks (EU AI Act, NIST AI RMF)
  • Background in supply chain security, CI/CD pipeline security, or secure software composition analysis • •
  • Experience with Kubernetes, containerized workloads, and Infrastructure as Code (Terraform)
  • CISSP, CCSP, CISA, or other relevant security certifications •
  • – Solve for the Customer: With a deep understanding of our customers' business and empathy for their needs, we deliver products and services that drive their success.
  • – Make it Count: We drive forward with focus and agility. With a sense of urgency and purpose, we get the job done, and done right.

Experience

  • 10+ years of security engineering

Benefits

  • We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so again, don’t hesitate to apply — we’d love to hear from you. Compensation and Benefits:
  • Compensation is aligned according to three tiers within the United States:
  • Premium : Slightly elevated from the National tier, and oriented toward a narrower set of higher cost-of-living areas, such as Los Angeles CA and Seattle WA
  • Premium Plus : A tier for the most expensive working areas, like the San Francisco Bay area and New York City.
  • When determining salaries, we consider several factors including, but not limited to, skills, prior experience, and work location. The new-hire base salary range for this position is:
  • National: $218,300 - $272,900
  • Premium: $236,200 - $295,300
  • Premium Plus: $256,800 - $321,000
  • We also believe in recognizing the contributions of our people. That's why we award annual bonuses to eligible employees, rewarding both individual performance and the success of the entire company.
  • Along with monetary compensation, Marqeta offers
  • Multiple health insurance options
  • Flexible time off – take what you need
  • Retirement savings program with company contribution and after tax contributions
  • Equity in a publicly-traded company and an Employee Stock Purchase Program
  • Family-forming benefits, fertility support, and up to 20 weeks of Parental Leave
  • Monthly stipend to support our remote work model
  • Annual “development dollars” to support our people growth and development

Additional details

  • As Marqeta’s Principal Security Engineer you will serve as the technical lead across our security engineering function. This role combines three critical
  • You'll also own the security architecture function and provide technical oversight for infrastructure security—endpoint protection, network security, VPN, and enterprise security controls—ensuring coherent security standards across everything we build and operate.
  • You'll partner closely with Product Security, Infrastructure Security, and Security Operations teams and serve as the security voice in our Model Risk Office.
  • This is an individual contributor role with mentoring
  • responsibilities and broad technical influence across the security, engineering, and business technology organizations.
  • We work Flexible First . This role can be performed remotely anywhere within the United States or from our Oakland office. We’d love for you to join us!
  • Enterprise & Infrastructure Security Oversight:
  • Provide technical oversight for infrastructure security including endpoint protection, network security, VPN, and enterprise security controls
  • Partner across Product Security, Infrastructure Security, and Security Operations teams as well as engineering, data science, and compliance
  • Communicate security risks and strategy to executive and board-level audiences Who You Are:

Find more real-time jobs on JobLoom.