Senior Application Security Engineer at Chime

Remote, USA; San Francisco, CA, USAFull-timeRemoteSecurityPosted 15 days ago

About the Role

<h2>About the role</h2> We are looking for a Sr. Full Stack Application Security Engineer with deep expertise in mobile application security to join our Product Security team. This role is hands-on and impact driven. You will work directly with mobile, backend, and platform engineering teams to identify, prevent, and remediate security issues across our iOS, Android, API, and backend systems. You will operate close to the code and close to the product. That means reviewing architectures across the stack, influencing secure design decisions early, and helping teams ship features safely without slowing delivery. This role is for someone who understands how modern distributed systems and mobile apps are built, deployed, and attacked in real-world environments. While mobile application security is a core focus, you will be part of a team that owns security posture across the full application stack including APIs, backend services, identity and authentication flows, and CI/CD pipelines. The base salary offered for this role and level of experience will begin at $213,000 and up to $295,000. Full-time employees are also eligible for a bonus, competitive equity package, and benefits. The actual base salary offered may be higher, depending on your location, skills, qualifications, and experience.  <h2>In this role, you can expect to</h2> <ul> <li style="font-family: helvetica, arial, sans-serif;">Build and improve security capabilities, automation, and guardrails for mobile applications and backend/API services</li> <li style="font-family: helvetica, arial, sans-serif;">Perform application or API/backend penetration testing </li> <li style="font-family: helvetica, arial, sans-serif;">Identify, triage, and help remediate vulnerabilities across Chime products</li> <li style="font-family: helvetica, arial, sans-serif;">Partner closely with engineering and product teams to embed security into the development lifecycle across mobile apps, APIs, and backend services</li> <li style="font-family: helvetica, arial, sans-serif;">Perform architecture and code reviews across the stack (iOS/Android, APIs, backend) with a focus on secure data storage, authentication, authorization, secure communication, and session/token handling</li> <li style="font-family: helvetica, arial, sans-serif;">Leverage AI to accelerate security workflows (e.g., code review support, triage, threat modeling), and partner with teams building AI-enabled features to define and implement production-grade AI security controls </li> </ul> <h2>To thrive in this role, you have</h2> <ul> <li style="font-family: helvetica, arial, sans-serif;">5+ years of experience in application security, with strong hands-on experience across both mobile and backend systems </li> <li style="font-family: helvetica, arial, sans-serif;">Hands on experience securing iOS and Android applications in production environments</li> <li style="font-family: helvetica, arial, sans-serif;">Strong understanding of mobile threat models and common attack techniques</li> <li style="font-family: helvetica, arial, sans-serif;">Experience with mobile security testing techniques, including static and dynamic analysis</li> <li style="font-family: helvetica, arial, sans-serif;">Familiarity with iOS and Android platform security features and limitations</li> <li style="font-family: helvetica, arial, sans-serif;">Practical coding experience, preferably in Ruby, Go, Python  languages</li> <li style="font-family: helvetica, arial, sans-serif;">Ability to clearly communicate security risks, tradeoffs, and remediation guidance to engineering partners</li> </ul> #LI-Hybrid #LI-JL1<div class="content-conclusion"><h2>A little about us</h2> At Chime, we believe that everyone can achieve financial progress. We created Chime—a financial technology company, not a bank*—on the premise that core banking services should be helpful, easy, and free. Through our user-friendly tools and intuitive platforms, we empower our members to take control of their finances and work towards their goals. Whether it's starting a savings account, purchasing a first car or home, launching a business, or pursuing higher education, we're proud to have helped millions unlock their financial potential. We're a team of problem solvers, dreamers, and builders with one shared obsession: our members. From day one, Chimers have worked tirelessly to out-hustle and out-execute competitors to bring our mission to life. Their grit and determination inspire us to work harder every day to deliver the very best experience possible. We each bring an owner's mindset to our work, refusing to be outdone and holding ourselves accountable to meet and exceed the highest bars for our teams, our company, and our members. We believe in being bold, dreaming big, and taking risks, while also working together, embracing our diverse perspectives, and giving each other honest feedback. Our culture remains deeply entrepreneurial, encouraging every Chimer to see themselves as stewards of our mission to help everyday Americans unlock their financial progress.  We know that to achieve our mission, we must earn and keep people's trust—so we hold ourselves to the highest standards of integrity in everything we do. These aren't just words on a wall—our values are embedded in every aspect of our business, serving as a north star that guides us as we work to help millions achieve their financial potential. Because if we don't—who will? *Chime is a financial technology company, not a bank. Banking services provided by The Bancorp Bank, N.A. or Stride Bank, N.A., Members FDIC. <h2>What we offer for our full-time, regular employees</h2> <ul> <li style="font-family: helvetica, arial, sans-serif;">🏢 Our in-office work policy is designed to keep you connected - with four days a week in the office and Fridays from home for those near one of our offices, plus team and company-wide events depending on location. Whether you’re coming in regularly or are part of our fully remote program, you’ll stay engaged with your work and teammates.</li> <li style="font-family: helvetica, arial, sans-serif;">💻 In-office perks including backup child, elder, and/or pet care, plus a subsidized commuter benefit to support your regular commute</li> <li style="font-family: helvetica, arial, sans-serif;">💰 Competitive salary based on experience</li> <li style="font-family: helvetica, arial, sans-serif;">✨ 401k match plus great medical, dental, vision, life, and disability benefits</li> <li style="font-family: helvetica, arial, sans-serif;">🏝 Generous vacation policy and company-wide Chime Days, bonus company-wide paid days off</li> <li style="font-family: helvetica, arial, sans-serif;">🫂 1% of your time off to support local community organizations of your choice</li> <li style="font-family: helvetica, arial, sans-serif;">👟 Annual wellness stipend to use towards eligible wellness related expenses</li> <li style="font-family: helvetica, arial, sans-serif;">👶 Up to 24 weeks of paid parental leave for birthing parents and 12 weeks of paid parental leave for non-birthing parents</li> <li style="font-family: helvetica, arial, sans-serif;">👪 Access to Maven, a family planning tool, with $15k lifetime reimbursement for egg freezing, fertility treatments, adoption, and more.</li> <li style="font-family: helvetica, arial, sans-serif;">🎉 In-person and virtual events to connect with your fellow Chimers—think cooking classes, guided meditations, music festivals, mixology classes, paint nights, etc., and delicious snack boxes, too!</li> <li style="font-family: helvetica, arial, sans-serif;">💚 A challenging and fulfilling opportunity to join one of the most experienced teams in FinTech and help millions unlock financial progress</li> </ul> We know that great work can’t be done without a diverse team and inclusive environment. That’s why we specifically look for individuals of varying strengths, skills, backgrounds, and ideas to join our team. We believe this gives us a competitive advantage to better serve our members and helps us all grow as Chimers and individuals. Chime is proud to be an Equal Opportunity Employer. We consider qualified applicants without regard to race, color, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, marital or family status, disability, genetic information, veteran status, or any other legally protected basis under provincial, federal, state, and local laws, regulations, or ordinances. We will also consider qualified applicants with criminal histories in a manner consistent with the requirements of state and local laws, including the San Francisco Fair Chance Ordinance, Cook County Ordinance, NYC Fair Chance Act, and the LA City Fair Chance Ordinance, and consistent with Canadian provincial and federal laws. If you have a disability or special need that requires accommodation during any stage of the application process, please contact: <a style="color: rgb(35, 111, 161); text-decoration: underline;" href="mailto:[email protected]">[email protected]</a>. To learn more about how Chime collects and uses your personal information during the application process, please see the <a href="https://www.chime.com/careers/chime-applicant-privacy-notice/">Chime Applicant Privacy Notice. </a></div>

About the Role

Related Roles