Staff Software Engineer (AppSec) at Credit Karma
What's great about it:
- You will earn and maintain the trust of our users by demonstrating our commitment to safeguarding their information
- You will have lots of opportunity to break new ground, discover and solve brand new challenges, and make key decisions impacting a large organization
- And, of course, you get all those awesome company perks that you probably already read about
What the job entails:
- Develop code solutions to our application security challenges: current projects include the development of custom code investigation tools to identify CK specific vulnerabilities, both accepted and not accepted architectural patterns, and repository health scores
- Leading engineering projects by developing designs, socialization with partners in engineering, and organizing engineering tasks into sprints to reliably deliver milestones
- Passionately contributing to mentoring through code reviews, design discussions, pair programming, working group participation, and agile engagement
- Evaluate the key frameworks (and their ecosystems) that form the core platform for Credit Karma Engineering, looking for areas where framework improvements could eliminate the potential for vulnerabilities to be introduced
- Envision, design and implement core features for our internal sidecar to bake security into every deployed microservice.
- Expertise in Scala and/or Typescript, with at least one interpreted language for fast prototyping
- Write code that is performant, maintainable, clear, and concise
Our ideal candidate:
- B.S., M.S., or PhD in Computer Science or a related technical major or significant job experience.
- Minimum 8 years experience in an engineering capacity. Security experience desired.
- Strong algorithms and data structures background.
- Experience with software engineering patterns and best practices (e.g. SOLID, hexagonal architecture, domain driven design, test driven development, design documentation, code reviews).
- Technical depth in many, if not most of the following areas: web infrastructure, microservices architectures, distributed systems, performance analysis, enterprise messaging systems, and/or large scale data processing
- Development experience on the JVM, including asynchronous I/O, concurrency, and the Java memory model.
- A history of open-source contribution and a passion for development of elegant, well-designed frameworks.
- Hands on experience with GCP and its services.