Platform Security Software Engineer
San Francisco, CA

Job Description

Credit Karma is a mission-driven company, focused on championing financial progress for our more than 100 million members in the U.S., Canada and U.K. While we're best known for pioneering free credit scores, our members turn to us for everything related to their financial goals, including improving their credit, identity monitoring, applying for credit cards, doing their taxes and shopping for loans (car, home and personal) -- all for free. Credit Karma has grown significantly through the years: we've added more than 70 million members in the last five years alone and now have more than 1,200 employees across our offices in San Francisco, Charlotte, Los Angeles, Leeds, London and soon Oakland.

Safeguarding their sensitive information is critical to our continued success. From the CEO down to each individual engineer, everyone views security as a personal responsibility. Your unique mission as a Senior Security Engineer is to own and lead our engineering efforts around our IAM services, and drive key decisions along the way that will influence our entire engineering organization.

What You'll Do

* Drive a technical vision for the engineering organization around our Authentication, Authorization, and IAM services
* Lead key efforts including build out of new product features, design & development of new microservices
* Take an active role in the technical growth of other team members, and the processes that support overall team growth
* Scoping and planning work across multi-team efforts, working closely with business partners to define a product vision in technical terms, and plan implementation and delivery

What's Great About It

* The autonomy, pace, and quick decisioning of a startup, with the stability of Credit Karma's mature platform and business
* Lots of opportunity to break new ground, discover and solve brand new challenges, and make key decisions impacting a large engineering organization
* Have the autonomy to achieve results without micromanagement

Experience We're Looking For

* 3-5 years of experience architecting, designing and implementing scalable solutions with Identity and Access management products that manage and provide unified access to enterprise wide applications.
* Experience with, or enthusiasm for learning, SAML, OAuth, OpenID, API security, WS-Trust, Kerberos, MFA, PKI, certificate-based authentication and directory services like Active Directory, OpenLDAP, Okta Universal directory and/or SCIM.
* Experience with, or enthusiasm for learning, SailPoint IdentityIQ, SailPoint IdentityNow, SailPoint SecurityIQ, or Okta.
* Professional experience across the entire software development process, from development environment, to CI & CD, to production deployment, product and application performance measurement.
* Deep understanding of authentication, authorization, role-based and attribute-based access controls, least privilege and segregation of duties access control concepts.
* Approaches problems with a pragmatic, analysis driven approach - understands trade-offs between perfection and time, with an eye towards iterative delivery of product features, and utilizes this capacity to plan and deliver on product requirements.
* Ability to work with different application teams, partners and helping with on-boarding business applications with provisioning, access certifications, reporting, role/entitlement administration, compliance and user administration.
* Experience with REST API development with JSON-based payloads.
* Experience programming with languages like Scala, Java, Python, Node JS, or Go.
* Experience with Kubernetes, Docker, Consul a plus.