Skip to content
Collective Intelligence ProjectCollective Intelligence ProjectSan Francisco, CA

Staff Security Engineer

Own end-to-end security for a fintech platform: authentication/authorization architecture, SAST/DAST in CI/CD, threat modeling, and CCPA compliance. Senior IC role requiring 8+ years in application security.

200k – 260k/yr
Hybrid8+ YOESecurity Engineering

About the role

What you'll do

  • Own the end-to-end authentication and authorization architecture across Collective's member platform, including session management, role-based access control, and the emerging patterns needed to secure agent-based workflows and service-to-service communication.
  • Drive CCPA compliance across the platform, partnering with Legal and Engineering to map data flows, implement required access and deletion controls, and establish ongoing audit and reporting mechanisms.
  • Design and maintain Collective's static and dynamic application security testing (SAST/DAST) frameworks, integrating them into CI/CD pipelines so security feedback is fast, automated, and actionable for product teams.
  • Lead threat modeling for new features and platform changes, collaborating with product engineers early in the design process to identify and address risk before it reaches production.
  • Define and maintain security standards, policies, and runbooks that give engineering teams clear guardrails without slowing down delivery.
  • Respond to and lead post-incident security reviews, driving root-cause analysis and translating findings into durable platform improvements.
  • Evaluate and integrate third-party security tooling, staying current on the threat landscape relevant to fintech platforms handling sensitive financial and tax data.

What you'll bring

  • 8+ years of security engineering experience, with depth in application security and a track record of improving security posture on production platforms at scale.
  • Strong expertise in authentication and authorization systems (OAuth 2.0, OIDC, SAML, JWT) and the nuances of securing both user-facing sessions and machine-to-machine flows, including AI agent authentication patterns.
  • Hands-on experience building or owning SAST/DAST programs and embedding security testing into CI/CD pipelines; familiarity with tools like Semgrep, Snyk, Burp Suite, or equivalent.
  • Working knowledge of CCPA (and ideally GDPR) compliance requirements as they apply to a SaaS platform handling personal financial data, including data mapping, subject rights workflows, and audit trails.
  • Experience collaborating with Legal and Privacy teams to translate regulatory requirements into concrete engineering controls, not just documentation.
  • Comfort operating as a senior individual contributor who influences platform direction without requiring a management chain to get things done — you write RFCs, lead design reviews, and bring engineers along through conviction and clarity.
  • Product empathy: the ability to hold security rigor and member experience in the same frame, and to make the right tradeoffs with both in mind.
  • Familiarity with AI-assisted development workflows and an interest in the security implications of agent-based systems is a strong plus.

Skills

Oauth 2.0OIDCSAMLJwtSASTDASTSemgrepSnykBurp SuiteCCPAGDPR
Zocdoc

Senior Staff Security Engineer, Vulnerability Management

ZocdocUnited States

Senior Staff Security Engineer owning the roadmap for an AI-driven vulnerability scanning, triage, and automated remediation platform. Requires 8+ years in security engineering with deep cloud/container expertise, offensive security experience, and proficiency in Python/Go/Rust.

200k – 290k/yr
Remote8+ YOESecurity Engineering
Betterment

Staff Engineer, User Trust

BettermentNew York, NY

Staff Engineer building scalable systems for user trust, fraud prevention, KYC, risk scoring, and compliance. Requires fullstack expertise in Ruby on Rails and React, plus experience leading projects in high-trust financial environments.

200k – 238k/yr
HybridSecurity Engineering
OpenAI

Data Center Physical Security Systems Engineer

OpenAISan Francisco, CA +3

Design and deliver physical security technology architecture for AI data centers, establishing standards for access control, surveillance, and monitoring systems across global infrastructure. Requires 15+ years in physical security systems architecture and hands-on implementation experience.

205k – 335k/yr
Remote15+ YOESecurity Engineering
Illumio

Staff Engineer, Cloud Security

IllumioSunnyvale, CA

Develops containerized microservices in Go for Illumio's cloud security platform, processing real-time cloud telemetry on Kubernetes to deliver security insights and recommendations. Requires 8+ years experience with public clouds (AWS/Azure/GCP) and mentors junior engineers.

194k – 233k/yr
On-site8+ YOESecurity Engineering
Illumio

Staff Engineer, Container Security

IllumioSunnyvale, CA

Staff Engineer builds Zero Trust Segmentation orchestration for container ecosystems, enhancing Kubernetes platforms like EKS and GKE. Requires 8+ years in distributed systems, proficiency in Go/Python/Java, and strong networking expertise; onsite in Sunnyvale, CA.

194k – 233k/yr
On-site8+ YOESecurity Engineering