You see a card. We see endless possibilities.™
Principal Security Engineer, Product – AI
Location: United States
Posted: 15 days ago
Salary: $218.3K - $321K / year
Seniority: Lead
Job Description
Principal Security Engineer, Product – AI
Marqeta
- Lead product security engineering for our payment platform—owning threat modeling, security architecture review, secure SDLC practices, and API security across the engineering organization
- Help mature our AI security program by developing genAI controls, securing ML pipelines, and working alongside the Model Risk Office for model evaluations
- Provide security architecture oversight across infrastructure and enterprise security—endpoint, network, VPN, and corporate security controls—ensuring technical standards are coherent across all security domains
- Shape how security engineering scales across the organization through tooling, frameworks, security champions engagement, and engineering partnerships
Job Requirements
- 10+ years of security engineering experience with demonstrated technical leadership across multiple security domains; or equivalent combination of education and experience
- Deep product security expertise: threat modeling, security architecture review, secure code review, API security, authentication/authorization design, and secure SDLC practices
- Experience with or strong interest in AI/ML security—understanding of risks including adversarial attacks, model poisoning, prompt injection, data privacy, and AI supply chain threats. We want someone who is genuinely excited about AI technology and wants to secure it, not just govern it
- Broad security fluency across infrastructure and enterprise security—endpoint protection, network security, identity, and cloud security—even if your deepest expertise is in application and product security
- Experience working in cloud-native environments (AWS preferred) with familiarity across AI/ML services (Bedrock, SageMaker, etc.)
- Proven ability to build security frameworks, tools, and programs from the ground up
- Strong programming skills in at least one language (Python, Java, Go, or similar) with the ability to read and review code across multiple languages
- Experience with security assessment methodologies and risk management frameworks
- Working knowledge of compliance and control frameworks relevant to financial services (PCI DSS, SOX, SOC2, NIST CSF)
- Ability to communicate complex security risks to both technical and executive audiences.
Benefits
- Multiple health insurance options
- Flexible time off – take what you need
- Retirement savings program with company contribution and after tax contributions
- Equity in a publicly-traded company and an Employee Stock Purchase Program
- Family-forming benefits, fertility support, and up to 20 weeks of Parental Leave
- Free therapy sessions, financial and professional coaching, and legal advice
- Monthly stipend to support our remote work model
- Annual “development dollars” to support our people growth and development
- Through Flex First, the freedom to live and work wherever you and your family thrive
Principal Security Engineer, Product & AI
MQ Referrals Only
Marqeta is a Flex First company which allows you to choose your best working environment, whether that be from home or at a company office. To support Flex First, we calibrate pay to a competitive value according to working location. Compensation is aligned according to three tiers within the United States:
- National: A baseline tier that applies to most of the geographic territory of the United States.
- Premium: Slightly elevated from the National tier, and oriented toward a narrower set of higher cost-of-living areas, such as Los Angeles CA and Seattle WA.
- Premium Plus: A tier for the most expensive working areas, like the San Francisco Bay area and New York City.
When determining salaries, we consider several factors including, but not limited to, skills, prior experience, and work location.
Role Description
As Marqeta’s Principal Security Engineer you will serve as the technical lead across our security engineering function. This role combines three critical responsibilities:
- Leading product security engineering across our payment platform
- Building our AI security program as we scale generative AI and ML capabilities
- Providing security architecture oversight across enterprise and infrastructure security
Your primary focus will be product security and AI—threat modeling payment features, securing APIs, building genAI controls, and ensuring AI-powered capabilities ship securely. You'll also own the security architecture function and provide technical oversight for infrastructure security—endpoint protection, network security, VPN, and enterprise security controls—ensuring coherent security standards across everything we build and operate.
You'll partner closely with Product Security, Infrastructure Security, and Security Operations teams and serve as the security voice in our Model Risk Office. This is an individual contributor role with mentoring responsibilities and broad technical influence across the security, engineering, and business technology organizations.
We work Flexible First. This role can be performed remotely anywhere within the United States or from our Oakland office.
You'll have the chance to:
- Lead product security engineering for our payment platform—owning threat modeling, security architecture review, secure SDLC practices, and API security across the engineering organization
- Help mature our AI security program—developing genAI controls, securing ML pipelines, and working alongside the Model Risk Office for model evaluations
- Provide security architecture oversight across infrastructure and enterprise security—endpoint, network, VPN, and corporate security controls—ensuring technical standards are coherent across all security domains
- Shape how security engineering scales across the organization through tooling, frameworks, security champions engagement, and engineering partnerships
Qualifications
- 10+ years of security engineering experience with demonstrated technical leadership across multiple security domains; or equivalent combination of education and experience
- Deep product security expertise: threat modeling, security architecture review, secure code review, API security, authentication/authorization design, and secure SDLC practices
- Experience with or strong interest in AI/ML security—understanding of risks including adversarial attacks, model poisoning, prompt injection, data privacy, and AI supply chain threats
- Broad security fluency across infrastructure and enterprise security—endpoint protection, network security, identity, and cloud security
- Experience working in cloud-native environments (AWS preferred) with familiarity across AI/ML services (Bedrock, SageMaker, etc.)
- Proven ability to build security frameworks, tools, and programs from the ground up
- Strong programming skills in at least one language (Python, Java, Go, or similar) with the ability to read and review code across multiple languages
- Experience with security assessment methodologies and risk management frameworks
- Working knowledge of compliance and control frameworks relevant to financial services (PCI DSS, SOX, SOC2, NIST CSF)
- Ability to communicate complex security risks to both technical and executive audiences
Requirements
- Financial services or fintech experience strongly preferred
- Experience securing payment processing systems, card issuing platforms, fraud detection models, or transaction monitoring infrastructure
- Hands-on experience with LLM security: prompt injection mitigation, output filtering, RAG security, agent security patterns
- Experience with enterprise security platforms (EDR, SIEM, identity providers, network security tools)
- Experience with ML frameworks (PyTorch, TensorFlow) or background in data science / machine learning engineering
- Knowledge of AI governance, model risk management practices, and emerging AI regulatory frameworks (EU AI Act, NIST AI RMF)
- Background in supply chain security, CI/CD pipeline security, or secure software composition analysis
- Experience with privacy-preserving ML techniques (differential privacy, federated learning, secure multi-party computation)
- Experience with Kubernetes, containerized workloads, and Infrastructure as Code (Terraform)
- CISSP, CCSP, CISA, or other relevant security certifications
- Experience building and scaling security programs in high-growth environments
Benefits
- Multiple health insurance options
- Flexible time off – take what you need
- Retirement savings program with company contribution and after tax contributions
- Equity in a publicly-traded company and an Employee Stock Purchase Program
- Family-forming benefits, fertility support, and up to 20 weeks of Parental Leave
- Free therapy sessions, financial and professional coaching, and legal advice
- Monthly stipend to support our remote work model
- Annual “development dollars” to support our people growth and development
- Through Flex First, the freedom to live and work wherever you and your family thrive


