Security Engineer II (Infrastructure)

We are looking to hire a Security Engineer to join our Infrastructure Security team. The Infrastructure Security team enables NerdWallet’s mission to provide clarity for all of life’s financial decisions by taking steps to ensure the product and services we design and build safeguard user data and privacy.

In this role, you can expect to partner with technical teams across the company, advising them on secure design patterns for cloud and corporate infrastructure. You’ll have the opportunity to build security tooling, infrastructure-as-code modules, and security data pipelines to help our engineering partners accelerate their development safely. You’ll also assist with security monitoring and incident response activities to keep our customers and Nerds safe.

The right candidate will be eager to learn new technologies, have a desire to empower developers, and be a terrific collaborator. If you are someone who wants to develop their skills in a growing Infrastructure Security program, we encourage you to apply!

If you were here 6 months ago, here are some things you might have worked on:

• Helped redesign AWS Single Sign-on implementation and update existing CLI tools used by developers
• Built security logging pipelines using Terraform, Python, AWS, and Snowflake
• Helped triage and respond to security events on employee and production systems
• Conducted proof-of-value research into “just in time” IAM tools and processes for cloud environments
• Assisted developing secure baseline standards for Kubernetes workloads
• Assisted evaluating security posture of prospective third-party partners

Where you can make an impact:

• Help scale our infrastructure security program through automation and developer empowerment
• Influence engineering and product partners to remediate security gaps across multiple functional areas while balancing company and security needs
• Building tools and processes to drive greater security posture visibility for leadership
• Review developer pull requests for adherence to security best practices

You are:

• Familiar with industry standards, risk mitigation techniques, and new developments within infrastructure security
• Familiar with common DevOps and IT practices related to cloud, identity, and endpoint security
• Pragmatic in your approach to reducing risk in a manner that incorporates business and product needs
• Excited to contribute to security efforts outside of your core competencies to move the program forward
• Committed to fostering a respectful, blameless, and collaborative work environment

Your experience:

We recognize not everyone will meet all of the criteria. If you meet most of the criteria below and you’re excited about the opportunity and willing to learn, we’d love to hear from you.

• 2+ years of experience in a professional infrastructure security engineering role primarily focused in cloud environments (preferably AWS)
• 1+ years of experience in a professional software engineering role or writing production environment code
• Proficient in Python and comfortable with learning new languages if needed
• Familiar with at least one infrastructure-as-code language such as Terraform or CloudFormation
• Experience with common endpoint security tools for corporate and production environments

Where:

• This role will be based in San Francisco, CA or remote (based in the U.S.).
• We believe great work can be done anywhere. No matter where you are based, NerdWallet offers benefits and perks to support the physical, financial, and emotional well being of you and your family.

What we offer:

Pay Transparency

• The salary range for this role is $127,000-$207,000.
• Base pay offered may vary within the posted range based on several factors, including but not limited to education, job-related knowledge, skills, experience, and location.

Work Hard, Stay Balanced (Life’s a series of balancing acts, eh?)

• Industry-leading medical, dental, and vision health care plans for employees and their dependents
• Rejuvenation Policy – Flexible Time Off + 13 holidays + 4 Mental Health Days Off
• New Parent Leave for employees with a newborn child or a child placed with them for adoption or foster care
• Mental health support through Ginger.io
• Financial wellness, guidance, and unlimited access to a Certified Financial Planner (CFP) through Northstar
• Paid sabbatical for Nerds to recharge, gain knowledge and pursue their interests
• Health and Dependent Care FSA and HSA Plan with monthly NerdWallet contribution
• Weekly Virtual Bootcamp, Yoga, and Mindfulness Meditation sessions
• Monthly Wellness Stipend, Cell Phone Stipend, and Wifi Stipend

Have Some Fun! (Nerds are fun, too)

• Nerd-led group initiatives – Intramural Sports, Employee Resource Groups for Parents, Diversity, and Inclusion, Women, LGBTQIA, and other communities
• Hackathons, Happy Hours, and team events across all teams and departments
• Company-wide events like Little Nerds Day (aka bring your kids to work day, even if you're remote!) and our annual Charity Auction

Lifestyle (Be your best self - we’ll take care of the details)

• Our Nerds love to make an impact by paying it forward – Donate to your favorite causes with a company match
• Work from home equipment stipend and co-working space subsidy
• Anniversary recognition program – choose from different items and experiences
• Commuting stipend

Plan for your future (And when you retire on your island, remember the little people)

• 401K with company match
• Annual Enrichment Stipend for learning and development
• Be the first to test and benefit from our new financial products and tools
• Access to Rocket Lawyer for online legal support and resources

If you are based in California, we encourage you to read this important information for California residents linked here.

NerdWallet is committed to pursuing and hiring a diverse workforce and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of any characteristic protected by applicable federal, state or local law. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

#LI-DNI