Senior Application Security Engineer, Mercury
$203.1-238.9k
+ Equity. For Canadian applicants the salary range is CAD 184,800–217,400
Banking services for startups
Job no longer available
Banking services for startups
501-1000 employees
Job no longer available
$203.1-238.9k
+ Equity. For Canadian applicants the salary range is CAD 184,800–217,400
501-1000 employees
Company mission
To make scaling tech companies simpler with a personalized banking stack for startups, and power the next generation of companies that will shape the American industry.
Role
Who you are
- Excellent empathy for customers
- An ability to carefully consider tradeoffs between security and user experience
- Proficiency in standard software engineering, including discussions on schema and app design
- Three or more years of experience in software security roles or equivalent
- Full-stack development experience, with excitement to learn and work with Haskell, React, and TypeScript
- Exceptional security judgment, a grasp of product concepts, and effective communication skills are highly valuable in these collaborative scenarios
Desirable
- Familiarity with our tech stack
- Experience in fraud or finance-related domains
What the job involves
- The team you would be joining is primarily focused on engineering, with a primary goal of addressing security challenges through code
- Our work involves tackling a variety of security issues, ranging from developing security features to creating infrastructure that assists other teams in building their features securely
- Currently, our main projects include enhancing our admins' permissions system, devising a streamlined method for users to verify their identity during phone calls, and a few smaller initiatives. In addition to coding, we actively engage with other teams
- This involves explaining vulnerabilities identified through our bug bounty programs, addressing security concerns related to ongoing projects, and responding to queries from other teams
- Address key security features within the product, such as developing passkey support, enhancing the security dashboard, refining user-facing audit logs, and implementing SAML
- Upgrade our pentest environment to ensure it aligns with our security researchers' needs, addressing challenges like data sufficiency and effective stubbing of third-party interactions
- Contribute to bug bounty program triage by validating reports, coordinating responses, and managing researcher payments, while collaborating with teams to resolve identified issues
- Analyze vulnerabilities and proactively target root causes by creating tools for codebase scanning, establishing effective patterns and systems, and enhancing security training for engineers
- Assist teams in threat modeling and cultivating a security mindset for their features, leveraging dedicated security expertise to complement the existing skills of our engineers
- Investigate user security issues, utilizing product knowledge and logs to understand incidents and proposing improvements to monitoring for quicker detection of similar issues
Otta's take
Sam Franklin
CEO of Otta
Frustrated by the archaic, fee-laden banking services offered to entrepreneurs, the founders of Mercury set out to create a better solution. They envisioned a platform that was dynamic, tech-driven, and free from unnecessary fees.
Mercury delivers on this vision by automating business payment processes, offering FDIC-insured accounts, and providing full API access, empowering entrepreneurs with greater control and efficiency. This approach stands in stark contrast to traditional startup banking, which often burdens young businesses with high fees and limited functionality.
By prioritizing user experience and offering a free service tier, Mercury has attracted over 100,000 businesses and achieved a $1B valuation in 2021. As a rising unicorn in the stagnant world of startup banking, mercury is poised for continued growth, constantly adding new features and expanding its team to further disrupt the industry.
Insights
Some candidates hear
back within 2 weeks
50% employee growth in 12 months
Company
Funding (last 2 of 4 rounds)
Jul 2021
$120m
SERIES B
Sep 2019
$20m
SERIES A
Total funding: $150.9m
Company benefits
- Health, dental, & vision
- 12+ weeks of paid parental leave
- $600 USD custom WFH equipment setup
- Unlimited vacation policy (with a mandatory minimum)
- Retirement matching up to 4% of base salary (401k/RRSP)
- Paid 6-week sabbatical after the 5-year mark
- Annual $1K USD learning & development budget
- Unlimited book budget
- Weekly $100 USD food budget
- Monthly $100 USD wellness budget
- Monthly $50 USD cellphone reimbursement
- Pet-friendly offices with free tea & lunch
Company values
- Think actively: Question processes. Give thoughtful feedback. Find the best way to do something instead of going by how it’s always been done
- Be super helpful: Practice intentionality and accountability. Go above and beyond to solve problems, and do it as a team
- Act with humility: Treat everyone with respect. Leave egos at the door
- Appreciate quality: Work with the best equipment. Avoid cutting corners. Take pride in crafting a lasting product
- Maximize efficiency: Minimize unnecessary meetings and bureaucracy. Work together to get the job done right
- Focus on product: Ask yourself how the product can be better today than it was yesterday
Company HQ
SoMa, San Francisco, CA
Articles
Founders
Jason Zhang
(COO)Studied Biology at Stanford before spending over 4 years at Heyzap in Business Development.
Immad Akhund
(CEO)Graduated from the University of Cambridge, then worked as a Software Developer at Aquila and Bloomberg. Also founded Clickpass and Heyzap, and was a Part-time Partner at Y Combinator.
Salary benchmarks
We don't have enough data yet to provide salary benchmarks for this role.
Submit your salary to help other candidates with crowdsourced salary estimates.
Share this job
View 1 more job at Mercury