Application Security Engineer

Summary

Join Prelim's rapidly growing, fully remote US team as their first dedicated Application Security Engineer. You will architect and build security systems protecting millions of people's access to financial institutions. This role involves owning the security of the platform powering digital account opening for financial institutions globally. You will collaborate with engineers, customers, and compliance stakeholders to design and implement cutting-edge security solutions. This is an opportunity to build a system millions will depend on, shaping security architecture from the foundation up and having a significant impact on protecting sensitive financial data. You will work with major financial institutions and have direct access to leadership, influencing product decisions and growing into a leadership role as the company scales. The position offers a fast-paced remote environment and the chance to transform how people access financial services.

Requirements

• 2-5 years in application security, security engineering, or software development with strong security focus
• Deep understanding of web application security including OWASP Top 10, authentication systems, session management, and common vulnerability classes
• Experience with security testing tools (SAST, DAST, dependency scanning) and the ability to build custom security tooling when needed
• Knowledge of secure coding practices, security architecture, and threat modeling
• Familiarity with cloud security (AWS preferred) and infrastructure security concepts
• Understanding of compliance frameworks (PCI DSS, SOC 2) or willingness to become an expert quickly
• You approach security problems systematically, understanding both the technical details and business context. You can identify complex vulnerabilities, assess risk, and architect comprehensive solutions
• You balance security with business impact, focusing on practical solutions that reduce real-world risk while enabling the business to move fast
• You think deeply about how security vulnerabilities could impact real people's financial lives and take responsibility for protecting sensitive data and user trust
• You communicate complex security concepts clearly to both technical and non-technical stakeholders, building consensus around security decisions
• You're excited about mentoring other engineers and building security culture across the entire organization

Responsibilities

• Architect and implement security controls across our entire stack, from React frontend to Node.js APIs to PostgreSQL databases
• Hunt for and remediate complex vulnerabilities including authentication bypasses, race conditions, session fixation, and CSRF attacks
• Build sophisticated authentication, authorization, and session management systems for high-stakes financial institutions applications
• Design security monitoring, automated threat detection, and incident response systems from the ground up
• Navigate and implement compliance requirements for PCI DSS, SOX, GDPR, and SOC 2 in a practical, engineering-focused way
• Lead security code reviews and establish security practices that scale with our growing engineering team
• Own security architecture decisions that will shape how millions of users safely access financial institutions services

Benefits

• $120,000 - $150,000 a year
• + meaningful equity