Principal Application Security Engineer - Bozeman, MT

  • Figure
  • Jan 05, 2022
Full time Engineering Security

Job Description

About Figure

Figure is transforming the trillion dollar financial services industry using blockchain technology. 

In three short years, Figure has unveiled a series of fintech firsts using the Provenance blockchain for loan origination, equity management, private fund services, banking and payments sectors - bringing speed, efficiency and savings to both consumers and institutions. Today, Figure is one of less than a thousand companies considered a unicorn, globally.

Our mission requires us to have a creative, team-oriented, and supportive environment where everyone can do their absolute best. The team is composed of driven, innovative, collaborative, and curious people who love architecting ground-breaking technologies. We value individuals who bring an entrepreneurial mindset to every task and will embrace our culture of innovation. 

Every day at Figure is a journey in continuous learning yet a daily focus on getting work done that makes a difference. Join a team of proven leaders who have already created billions of dollars in value in the FinTech space!

More about our recent Figure Series D Announcement

Here's our Blockchain Business, Provenance

You can also find Figure featured here: 

Forbes America’s Best Startup Employers

Forbes Top 50 Blockchain Companies


About the Role

Principal Application Security Engineer is the highest level technical role at Figure and may be assigned to function as a supervisor, expert or project leader. When assigned as a supervisor, develops, coordinates and executes policies, methods and procedures, and supervises personnel; when assigned as an expert, performs work requiring a very high level of technical knowledge of a specific area or ability to integrate at a high level the knowledge of several areas; when assigned as a project leader, manages and provides technical leadership of projects involving large-scale, complex and highly analytical tasks.

In this position you will be expected to design, plan, and implement features and projects which act on and verify the security posture for all applications developed at Figure. This role is responsible for designing security solutions that protect the business, but also allow the business to execute and innovate. The Principal Application Security Engineer is expected to work closely with engineering, IT, development operations, internal audit, and Figure end users as needed. This position is also responsible for helping design solutions to secure our blockchain ecosystem, cloud infrastructure, internal tooling, B2B initiatives, and third-party and vendor relationships.

What you'll do 

  • Perform security assessments on web applications, mobile clients, and cloud infrastructure deployments;
  • Function as lead for Vulnerability Management Program with responsibility for managing all aspects of security in the Figure SDLC and IT operating environment;
  • Contribute to and support the development and maintenance of the Figure information security program and risk framework;
  • Collaborate with Engineering and DevOps staff to ensure cloud security for promoting DevSecOps;
  • Implement and maintain intrusion detection, continuous security event monitoring and risk assessment for our cloud infrastructure;
  • Evaluate and tune tooling for risk enumeration and threat intelligence;
  • Review and approve controls needed to protect Figure data and technology assets;
  • Work with security vendors to ensure Figure security infrastructure is tailored to our blockchain-based applications and supporting cloud based IT operating environments.

What we look for

  • You have expert knowledge of the application development languages, frameworks and methodologies in use at Figure and secure coding techniques;
  • You have expert knowledge of modern IT cloud infrastructure architectures and/or application development methodologies and demonstrate this capability through the use of security testing tools and techniques;
  • You are familiar with core development operations toolsets in use at Figure and the techniques used to secure their usage;
  • You have a proven ability to manage yourself in an environment where many projects are active at once and produce results;
  • You are a strong communicator who is comfortable working cross-functionally, with a track record of delivering results.

Benefits and Perks

  • Competitive salary and growth opportunities 
  • Company quarterly performance based bonus
  • Equity stock options package
  • Employer funded comprehensive health, vision, dental insurance and wellness program for employees and their dependents
  • Employer funded life and disability insurance coverage
  • Company HSA, FSA, Dependent Care, 401k, and commuter benefits
  • Up to 12 weeks paid family leave 
  • In office, remote, and hybrid work location options
  • Home office and technology stipend for those working outside of a traditional office more than 75% of the time
  • Flexible time-off plan to empower employees to take the time off that they want and need
  • Continuing education reimbursement
  • Routine Team swag deliveries!

Depending on your residential location certain laws might regulate the way Figure manages applicant data. California Residents, please review our California Employee and Prospective Employee Privacy Notice for further information. By submitting your application, you are agreeing  and acknowledging that you have read and understand the above notice.