Role Description The Incident Response / Systems Support Specialist provides operational, testing, deployment, and application support services for the Veterans Benefits Administration (VBA). This role supports pre-production and production environments, coordinates application testing and deployments, manages user access and permissions, and collaborates with development, testing, and infrastructure teams to ensure successful implementation and maintenance of VBA systems and applications. The ideal candidate has experience supporting enterprise environments within government organizations, working closely with application developers, testers, infrastructure teams, and system owners in a highly collaborative environment. Key Responsibilities - Support and maintain VBA pre-production and testing environments in coordination with internal IT teams and stakeholders. - Coordinate with testers and development teams to validate new and updated VBA applications prior to deployment. - Troubleshoot environmental and application-related issues and communicate findings to development teams for resolution. - Create, manage, and maintain user roles and permissions using Common Security Employee Manager (CSEM). - Assist with testing and deployment activities for new applications, patches, upgrades, and system enhancements. - Collaborate with Client Technologies teams to install, configure, and validate updates to VBA systems including: - Operating System Deployments (OSD) - BIOS updates - Windows Feature Updates - Microsoft 365 application updates - Administer and maintain multiple VBA SharePoint environments and sites. - Configure SharePoint access, permissions, document libraries, and lists for users and project teams. - Develop and maintain automated workflows using SharePoint Designer and Microsoft Power Automate. - Design and maintain SharePoint pages and automated processes to support testing coordination and IT operations. - Work with testing teams to develop and execute automated test scripts using Rational Functional Tester (RFT). - Utilize Dimensions CM to manage and release application baselines into Beta and Production server environments. - Lead and facilitate conference calls with testers, IT specialists, developers, and system owners for: - Beta testing coordination - Troubleshooting activities - Deployment planning - Installation scheduling - Send deployment notifications and communications to Alpha, Beta, and Production sites regarding: - Application releases - Security alerts - System patches - Upgrades and maintenance activities - Maintain documentation related to deployments, testing procedures, troubleshooting efforts, and operational processes. Qualifications - Bachelor’s degree - 2+ years of experience supporting enterprise applications, testing environments, deployments, and IT operations or related experience

Role Description As Marqeta’s Principal Security Engineer you will serve as the technical lead across our security engineering function. This role combines three critical responsibilities: - Leading product security engineering across our payment platform - Building our AI security program as we scale generative AI and ML capabilities - Providing security architecture oversight across enterprise and infrastructure security Your primary focus will be product security and AI—threat modeling payment features, securing APIs, building genAI controls, and ensuring AI-powered capabilities ship securely. You'll also own the security architecture function and provide technical oversight for infrastructure security—endpoint protection, network security, VPN, and enterprise security controls—ensuring coherent security standards across everything we build and operate. You'll partner closely with Product Security, Infrastructure Security, and Security Operations teams and serve as the security voice in our Model Risk Office. This is an individual contributor role with mentoring responsibilities and broad technical influence across the security, engineering, and business technology organizations. We work Flexible First. This role can be performed remotely anywhere within the United States or from our Oakland office. You'll have the chance to: - Lead product security engineering for our payment platform—owning threat modeling, security architecture review, secure SDLC practices, and API security across the engineering organization - Help mature our AI security program—developing genAI controls, securing ML pipelines, and working alongside the Model Risk Office for model evaluations - Provide security architecture oversight across infrastructure and enterprise security—endpoint, network, VPN, and corporate security controls—ensuring technical standards are coherent across all security domains - Shape how security engineering scales across the organization through tooling, frameworks, security champions engagement, and engineering partnerships Qualifications - 10+ years of security engineering experience with demonstrated technical leadership across multiple security domains; or equivalent combination of education and experience - Deep product security expertise: threat modeling, security architecture review, secure code review, API security, authentication/authorization design, and secure SDLC practices - Experience with or strong interest in AI/ML security—understanding of risks including adversarial attacks, model poisoning, prompt injection, data privacy, and AI supply chain threats - Broad security fluency across infrastructure and enterprise security—endpoint protection, network security, identity, and cloud security - Experience working in cloud-native environments (AWS preferred) with familiarity across AI/ML services (Bedrock, SageMaker, etc.) - Proven ability to build security frameworks, tools, and programs from the ground up - Strong programming skills in at least one language (Python, Java, Go, or similar) with the ability to read and review code across multiple languages - Experience with security assessment methodologies and risk management frameworks - Working knowledge of compliance and control frameworks relevant to financial services (PCI DSS, SOX, SOC2, NIST CSF) - Ability to communicate complex security risks to both technical and executive audiences Requirements - Financial services or fintech experience strongly preferred - Experience securing payment processing systems, card issuing platforms, fraud detection models, or transaction monitoring infrastructure - Hands-on experience with LLM security: prompt injection mitigation, output filtering, RAG security, agent security patterns - Experience with enterprise security platforms (EDR, SIEM, identity providers, network security tools) - Experience with ML frameworks (PyTorch, TensorFlow) or background in data science / machine learning engineering - Knowledge of AI governance, model risk management practices, and emerging AI regulatory frameworks (EU AI Act, NIST AI RMF) - Background in supply chain security, CI/CD pipeline security, or secure software composition analysis - Experience with privacy-preserving ML techniques (differential privacy, federated learning, secure multi-party computation) - Experience with Kubernetes, containerized workloads, and Infrastructure as Code (Terraform) - CISSP, CCSP, CISA, or other relevant security certifications - Experience building and scaling security programs in high-growth environments Benefits - Multiple health insurance options - Flexible time off – take what you need - Retirement savings program with company contribution and after tax contributions - Equity in a publicly-traded company and an Employee Stock Purchase Program - Family-forming benefits, fertility support, and up to 20 weeks of Parental Leave - Free therapy sessions, financial and professional coaching, and legal advice - Monthly stipend to support our remote work model - Annual “development dollars” to support our people growth and development - Through Flex First, the freedom to live and work wherever you and your family thrive

Role Description We are seeking an experienced Cloud Security Engineer to join our security team and play a critical role in protecting our cloud-native infrastructure, data, and SaaS ecosystem. As a mid-market, cloud-first company, our technology stack is built primarily on AWS with extensive use of SaaS applications across the enterprise. You will be responsible for designing, implementing, and maintaining security controls that protect our cloud environments, ensure compliance, and enable the business to move fast and securely. This is a hands-on, technically deep role that blends cloud infrastructure security, identity and access management, detection engineering, and SaaS security governance. This role will serve as a key technical resource for security across the organization. This is a remote-friendly opportunity that can sit in NYC (where our headquarter is located), one of our office hubs in Austin, Miami, Los Angeles (CA), and Cupertino (CA), or anywhere else in the US. However, depending upon where the remote work is performed, income could be subject to New York State tax withholding. We expect U.S. based working hours with the majority of the team working East and Central Time Zones. Responsibilities - Cloud Infrastructure Security (AWS Focus) - Design, implement, and maintain security controls across our AWS environment - Manage and tune AWS-native security tooling (GuardDuty, Security Hub, CloudTrail, Inspector, etc.) - Develop and enforce infrastructure-as-code (IaC) security policies using tools such as Terraform - Conduct periodic reviews of AWS account architecture, SCPs, and organizational unit (OU) structures to ensure least-privilege and segmentation best practices - Collaborate with Platform Engineering teams to shift left our security posture by embedding security into CI/CD pipelines - Monitor, investigate, and respond to cloud security alerts and incidents within AWS environments - Detection, Monitoring & Incident Response - Build and maintain cloud-focused detection rules, alerts, and dashboards within Datadog Security - Develop and operationalize Datadog detection rules, log pipelines, and security signals in collaboration with the SOC team to provide real-time visibility across AWS infrastructure, application logs, and cloud workloads - Correlate findings from Datadog Security with alerts from Obsidian Security and AWS-native tooling to provide a unified view of risk across cloud and SaaS environments - Develop automated response playbooks for common cloud and SaaS security events - Participate in incident response activities, including investigation, containment, and post-incident review for cloud and SaaS-related security events - Conduct threat modeling exercises for cloud architectures and SaaS integrations - Compliance & Governance - Support compliance initiatives (e.g., SOC 2, or other frameworks as applicable) by implementing and evidencing technical controls in AWS and SaaS environments - Maintain security documentation including architecture diagrams, runbooks, and policy documents - Contribute to internal security audits and third-party assessment processes - Track and remediate findings from vulnerability scans, penetration tests, and cloud security assessments Qualifications - 5+ years of experience in information security, cloud security, or security engineering roles - 3+ years of hands-on experience with AWS security services and architecture (IAM, VPC security, CloudTrail, GuardDuty, etc.) - Strong understanding of cloud-native security principles including least privilege, defense in depth, zero trust, and shared responsibility models - Hands-on experience with Datadog Security or similar cloud-native SIEM/observability platforms (Cloud SIEM, security signal management, log pipeline configuration, custom detection rules) - Proficiency with Infrastructure-as-Code (Terraform, CloudFormation, or CDK) and policy-as-code frameworks - Working knowledge of container and serverless security - Solid scripting/automation skills in Python, Bash, or similar languages - Familiarity with common security frameworks and standards (NIST CSF, CIS Benchmarks, SOC 2, ISO 27001) Benefits - Flexible work hours - Flexible vacation - Generous 401K match - Parental leave - Team events - Wellness budget - Learning reimbursement - Equity included in the compensation package Compensation The annual on-target earnings for this position is anticipated to be up to $185K - $215K . The final offer may be determined by a number of factors, including, but not limited to, the applicant's experience, knowledge, skills, abilities, as well as internal team benchmarks.

Role Description We are seeking a Sr. Product Security Engineer to manage the day-to-day execution of the organization's vulnerability management program and provide hands-on support for secure software development lifecycle (SSDLC) and CI/CD security initiatives. This role works closely with the DevSecOps Lead, Engineering, Platform Team, and Security to ensure vulnerabilities are tracked from discovery through remediation, security controls are functioning as intended, and findings are reported with clear accountability. The Security Operations Engineer translates security requirements into operational workflows, managing intake queues, enforcing SLAs, coordinating remediation with engineering teams, and producing the dashboards and reports that give leadership visibility into security posture. This is a remote-friendly opportunity that can sit in NYC, one of our office hubs in Austin, Miami, Los Angeles (CA), and Cupertino (CA), or anywhere else in the US. However, depending upon where the remote work is performed, income could be subject to New York State tax withholding. We expect U.S. based working hours with the majority of the team working East and Central Time Zones. Responsibilities - Vulnerability Management Operations - Own the end-to-end vulnerability lifecycle: intake, triage, assignment, remediation coordination, verification, and closure across all finding sources. - Enforce severity-based SLAs, escalation paths, and ownership expectations. - Track remediation timelines and follow up with engineering teams to ensure findings are resolved within policy requirements. - Aggregate findings centrally from all scanning tools and sources into a unified tracking system. - Manage exception and risk acceptance workflows. - Produce vulnerability posture reports and dashboards. - Coordinate with engineering teams on remediation prioritization. - Drive reduction of aging findings through proactive follow-up, workflow automation, and escalation when remediation stalls. - CI/CD Security Control Support - Assist the DevSecOps Lead with implementation of baseline security controls. - Help integrate controls into repositories, CI/CD pipelines, registries, and deployment workflows. - Validate that controls are functioning as intended. - Assist with onboarding new teams to the secure pipeline. - SSDLC Support - Support the DevSecOps Lead in maintaining and socializing the Secure Software Development Lifecycle policy. - Help maintain templates, configuration standards, and setup guidance for teams adopting SSDLC controls. - Assist with reference repository maintenance. - Participate in office hours, reviews, and implementation support sessions. - Reporting, Metrics, and Audit Support - Own vulnerability management metrics and reporting. - Contribute to broader security metrics. - Prepare audit-ready evidence related to vulnerability management. - Support the DevSecOps Lead in preparing leadership updates and cross-functional communications. Qualifications - 3–6 years of experience in security operations, vulnerability management, application security, DevSecOps, or a related security engineering role. - Hands-on experience with vulnerability management workflows. - Working knowledge of common scanning tools and finding types. - Familiarity with Git-based workflows, CI/CD systems, and cloud-native development environments. - Experience producing security metrics, dashboards, and reports for technical and leadership audiences. - Strong organizational and follow-through skills. - Clear written and verbal communication skills. Preferred Qualifications - Experience with vulnerability aggregation platforms or security finding management tools. - Familiarity with GitHub Enterprise, GitHub Actions, or similar CI/CD platforms. - Experience supporting SOC 2 or similar audit and compliance requirements. - Exposure to ticketing system integrations for vulnerability assignment and tracking workflows. - Familiarity with supply chain security concepts. - Relevant Certifications (preferred, not required): GSEC, Certified DevSecOps Professional (CDP), CISSP, CSSLP, or SSCP. Benefits - Flexible work hours. - Flexible vacation. - Generous 401K match. - Parental leave. - Team events. - Wellness budget. - Learning reimbursement. - Equity in the compensation package.