Jobs · Information Technology · California

Staff Security Engineer

Collective · San Francisco, CA · 2 wk ago
HybridInformation TechnologyFull-time

About the role

We're hiring a Staff Security Engineer to own the security of Collective's member platform end to end. This is a senior individual contributor role with broad product-security scope.

What You'll Do

  • Own the end-to-end authentication and authorization architecture across Collective's member platform, including session management, role-based access control, and the emerging patterns needed to secure agent-based workflows and service-to-service communication.
  • Drive CCPA compliance across the platform, partnering with Legal and Engineering to map data flows, implement required access and deletion controls, and establish ongoing audit and reporting mechanisms.
  • Lead threat modeling for new features and platform changes, collaborating with product engineers early in the design process to identify and address risk before it reaches production.
  • Define and maintain security standards, policies, and runbooks that give engineering teams clear guardrails without slowing down delivery.
  • Respond to and lead post-incident security reviews, driving root-cause analysis and translating findings into durable platform improvements.
  • Evaluate and integrate third-party security tooling, staying current on the threat landscape relevant to fintech platforms handling sensitive financial and tax data.

What You'll Bring

  • 8+ years of security engineering experience, with depth in application security and a track record of improving security posture on production platforms at scale.
  • Strong expertise in authentication and authorization systems (OAuth 2.0, OIDC, SAML, JWT) and the nuances of securing both user-facing sessions and machine-to-machine flows, including AI agent authentication patterns.
  • Hands-on experience building or owning SAST/DAST programs and embedding security testing into CI/CD pipelines; familiarity with tools like Semgrep, Snyk, Burp Suite, or equivalent.
  • Working knowledge of CCPA (and ideally GDPR) compliance requirements as they apply to a SaaS platform handling personal financial data, including data mapping, subject rights workflows, and audit trails.
  • Experience collaborating with Legal and Privacy teams to translate regulatory requirements into concrete engineering controls, not just documentation.
  • Product empathy: the ability to hold security rigor and member experience in the same frame, and to make the right tradeoffs with both in mind.
  • Familiarity with AI-assisted development workflows and an interest in the security implications of agent-based systems is a strong plus.

What We Offer

  • A hybrid work model: based in San Francisco with a balance of in-office and remote flexibility.
  • Fresh lunch: provided on in-office days.
  • Commuter support: $150 monthly reimbursement for transit expenses.
  • Health & wellness: $200 quarterly reimbursement to support your well-being.
  • Flexible PTO plus 14 company holidays.
  • Comprehensive coverage: 100% medical, dental, and vision for employees; 75% coverage for dependents.
  • Parental leave: 16 weeks fully paid.
  • Retirement & ownership: 401k plan plus an equity package.
  • Team connection: quarterly virtual events and an annual in-person summit.

Similar jobs

Field Service Engineer

TRUMPF North AmericaFarmington, CT· 5 days ago
Information Technology$27.94–$44.24/hrapply on trumpf.wd3.myworkdayjobs.com

Field Service Engineer

AMS Group, Inc.Stevensville, MD· 1 wk ago
Information Technologyapply on recruiting.paylocity.com

Field Service Engineer

Ford Motor CompanyCalifornia, United States· 1 wk ago
Information Technology$63k–$166k/yrapply on careers.ford.com

Field Service Engineer

Fuse IntegrationSan Diego, CA· 1 mo ago
Engineering$70k–$110k/yrapply on apply.workable.com