Skip to main content

Staff Security Engineer

Category Security, Risk & Fraud Location New York, New York Job ID 2024-56224
Apply Now

Company Overview

Intuit is the global financial technology platform that powers prosperity for the people and communities we serve. With approximately 100 million customers worldwide using products such as TurboTax, Credit Karma, QuickBooks, and Mailchimp, we believe that everyone should have the opportunity to prosper. We never stop working to find new, innovative ways to make that possible.

Job Overview

We are seeking a highly skilled Staff Security Engineer with over 10 years of overall experience, including 5+ years of coding experience, and a robust background in security reviews, threat modeling, and incident response. This role requires a unique combination of advanced software development skills and deep expertise in security to perform thorough security reviews and threat modeling for both regular and Generative AI applications. The ideal candidate will seamlessly integrate security into our development processes, ensuring our applications are secure by design and capable of resisting various threats.

This is a unique opportunity for a seasoned software engineer with a strong security focus to play a vital role in enhancing the security posture of our applications, including cutting-edge Generative AI solutions. If you are passionate about integrating security into software development and possess the required skills and experience, we invite you to apply.

Responsibilities

  • Develop, test, and maintain high-quality code for various software applications, emphasizing security best practices.
  • Conduct comprehensive security reviews and threat modeling for new and existing applications, including Web, LLM, Generative AI, Mobile, Cloud, Thick Client applications, to identify potential security vulnerabilities and risks.
  • Automate the security review and threat modeling processes using scripting languages such as Python, Perl, or Bash.
  • Utilize knowledge of OWASP Web, LLM, and Mobile Top 10, SANS Top 25, CVE, and MITRE ATT&CK frameworks to guide security assessments, reviews, code analysis, and threat modeling.
  • Collaborate with various teams across the organization, including software developers, product managers, and security professionals, to ensure security is integrated throughout the software development lifecycle.
  • Develop and implement standardized security methodologies, procedures, and tools for application security.
  • Stay informed about the latest security threats, vulnerabilities, and trends in both traditional and Generative AI application security.
  • Document and report security findings in a clear and structured manner to both technical and non-technical stakeholders.
  • Provide actionable remediation recommendations and track their implementation to closure.
  • Contribute to the development of security policies, standards, and guidelines.
  • Mentor junior engineers on secure coding practices and develop internal training materials.
  • Participate in code reviews to ensure that security best practices are maintained across all projects.
  • Lead the development of security-related features and tools to enhance the security posture of our applications.
  • Collaborate with the incident response team to investigate, remediate, and learn from security incidents, ensuring that findings are integrated into future security measures.
  • Develop incident response plans and ensure they are tested and revised regularly to remain effective and current.

Qualifications

  • Bachelor’s degree in computer science, Information Security, Software Engineering, or a related field. Equivalent experience will be considered.
  • A minimum of 10 years of overall experience, including 5+ years of software development experience with a strong emphasis on security.
  • Experience with LLM, Generative AI Models, and prompt engineering (e.g., OpenAI, Google Gemini, Claude).
  • Strong understanding of OWASP Web, LLM, and Mobile Top 10, SANS Top 25, CVE, and MITRE ATT&CK frameworks.
  • Proven experience in security reviews and threat modeling for a wide range of applications, including Generative AI applications.
  • Strong programming skills in languages such as Python, Java, C++, or similar, with a focus on secure coding practices.
  • In-depth understanding of security protocols, authentication/authorization mechanisms, encryption, and secure software development practices.
  • Familiarity with security assessment tools and best practices for identifying and mitigating vulnerabilities.
  • Excellent analytical and problem-solving skills, with the ability to identify and prioritize security risks based on potential impact.
  • Strong communication skills, with the ability to explain complex security issues to both technical and non-technical audiences.
  • Experience managing and mentoring a team of security professionals.
  • Relevant certifications such as OSCP, OSWE, OSEP, CRTE, CRTP, or Security+ are a plus.
  • Experience with secure code review, software development lifecycle (SDLC), and DevSecOps practices is preferred.
  • Proven experience in contributing to incident response efforts, including investigation, remediation, and post-incident analysis.
Apply Now

Intuit provides a competitive compensation package with a strong pay for performance rewards approach. The expected base pay range for this position is New York $191,000 - $258,500. This position will be eligible for a cash bonus, equity rewards and benefits, in accordance with our applicable plans and programs (see more about our compensation and benefits at Intuit®: Careers | Benefits). Pay offered is based on factors such as job-related knowledge, skills, experience, and work location. To drive ongoing pay equity for employees, Intuit conducts regular comparisons across categories of ethnicity and gender.

Related Content

  • GED is a weeklong code-a-thon that brings together Intuit technologists from all over the world to innovate and collaborate on projects they’re passionate about.

  • woman looking in mirror

    Article

    Benefits

    We support our employees by offering benefits you need to stay healthy, achieve financial security, and enjoy peace of mind for you and your family.

  • Intuit has built foundational capabilities for collecting, processing and transforming raw data into a connected mesh of high quality data. Those capabilities are enabling our technologists to build personalized experiences, with speed and at scale, to deliver on our mission to power prosperity around the world

  • Article

    Hybrid Work

    Intuit embraces a hybrid way of working that brings the best of in-person collaboration and connections together with the flexibility of virtual work.

  • For Intuit, turning data into actionable insights is pivotal to our success in delivering awesome experiences to 100 million customers That’s why we’ve developed an internal generative AI powered tool called Query Kickstart to improve speed to insight by accelerating SQL query authoring for our data workers.

  • Intuit is using generative AI to power our internal developer platforms to enable our software engineers and data workers to be more effective and efficient.

  • Intuit’s Expert Network is revolutionizing the way people access financial expertise. We provide flexible career opportunities and schedules to empower experts who want to grow their careers while being present for their families and other personal or professional pursuits.

  • While serving as an assistant manager in the hospitality industry, Fatimah Muhammad learned how to use QuickBooks and rediscovered her talent for working with numbers. By joining Intuit, she’s been able to join the tax field with the help of our free, online tax training courses.

  • Start your career as a remote tax preparer or bookkeeper through our Intuit Academy program. The program consists of self-paced online courses, followed by an exam. Upon passing the exam, you will receive a badge that you can easily display to advance your career in the industry.

  • Michael Mills is in his third season with Intuit and his first as a TurboTax Expert. Michael utilizes our flexible schedule options to give himself the time to accomplish his ultimate career goal: Building his own practice that allows him to earn three revenue streams (bookkeeping, tax, and financial advising).

  • Intuit's Chief DEI Officer, Humera Shahid, on Diversity, Equity, Inclusion, and Belonging

  • At Intuit, mobility plays an important role in the learning and development of our employees. Our teams offer lateral growth opportunities as well so that employees have an opportunity to explore different roles and broaden their skillset.

  • We’re building the workforce and workplace of the future by investing in our sites around the world. We're developing a high-performing and diverse workforce, and embracing hybrid work to support collaboration and connection, regardless of where we work.

  • Internal Mobility Can Enhance Skill Development

You haven't viewed any jobs yet. Start exploring now to find the perfect opportunity for you!

View all of our available opportunities

You haven't saved any jobs yet. Start exploring now to find the perfect opportunity for you!

View all of our available opportunities

Sign Up for Job Alerts

Be the first to find out about open jobs that fit what you're looking for.

Sign up for job alerts

Don't see what you're looking for? Sign up and we'll notify you when roles become available.

Interested InSelect a job category from the list of options. Select a location from the list of options. Finally, click “Add” to create your job alert.

  • Security, Risk & Fraud, New York, New York, United StatesRemove

By submitting your information, you acknowledge that you have read our privacy policy and consent to receive email communication from us.