Senior Security Engineer

GoFundMe is the world’s most powerful community for good, dedicated to helping people help each other. They are seeking a Senior Security Engineer to build a secure platform for giving by partnering with engineering teams, performing security assessments, and contributing to scalable solutions that reduce risk across the organization.

Responsibilities:

• Partner with engineering teams to improve security through consultation, education, tooling, and process improvements
• Throughout the Secure Development Lifecycle, perform targeted code reviews and security assessments when investigating high-risk designs, vulnerabilities, or security-sensitive features
• Help evaluate emerging AI technologies and development practices, helping engineering teams adopt them securely through practical guidance, guardrails, and risk assessments
• Notice recurring security challenges and contribute to scalable solutions that reduce risk across the organization
• Help handle application vulnerability reports received through third-party sources. Review, prioritize, and work with the relevant engineering teams to remediate them
• Command incidents and facilitate post-mortem investigations
• Participate in on-call rotation and take your turn shouldering operational toil for the team

Requirements:

• Demonstrate growing judgement skills
• Dedicated to delivering work in security while setting high expectations for our users and coworkers
• Demonstrate an inclusive mindset and enjoy working with people from a wide range of backgrounds and experiences
• 3+ years contributing to secure outcomes with engineering teams
• Experience with OWASP Top 10 and other industry standards
• Experience with application security and security testing
• Experience in secure code review, including basic skills in one or more of PHP, Python, Kotlin, JavaScript, and TypeScript
• Excellent written and verbal communication skills