Senior Manager of Product Security

As Marqeta’s Senior Manager of Product Security you will lead and continue to grow our product and cloud security programs across Marqeta. The ideal candidate will have excellent leadership skills, strong focus on operational excellence, a risk-centric approach, and significant experience in product and cloud security. The Senior Manager of Product Security will report directly to the Chief Information Security Officer.

We work Flexible First. This role can be performed remotely anywhere within the U.S.  or from our Oakland, CA office. We’d love for you to join us!

The Impact You'll Have

• Design, implement, and manage a product security program capable of:
• Delivering shift-left services to embed security early in the SDLC process (advisory services, testing design, secure design checklists, Security-as-Code libraries, threat modeling, data flow diagrams, secure coding training, etc.)
• Defining and operating a security champions program leveraging identified champions from within each development team to advance product and cloud security initiatives
• Providing developer teams with comprehensive security testing services, remediation advice and validation 
• Centrally analyzing and contextualizing product and cloud vulnerability findings in order to assist the Vulnerability Management Center of Excellence with prioritized ticketing and reporting to include SLA tracking, remediation validation, and source tracking
• Producing product security program metrics that provide insights into developer engagement, overall SSDLC health, cloud security posture, etc.
• Monitoring the health of Marqeta web applications such as Marqeta.com and work with appropriate stakeholders to ensure remediation of vulnerabilities
• In alignment with the security incident response plan, defining product incident response team procedures to respond to and remediate critical production vulnerabilities and/or active threat exploitation of Marqeta products
• Defining penetration testing strategy and and coordinating all penetration tests
• In partnership with infrastructure teams deploy, configure/tune, monitor (health, performance, stability) and maintain product and cloud security solutions
• Defining product and cloud security policies, standards, procedures, configuration baselines, and reusable architecture patterns
• Leading cybersecurity solution evaluations (e.g. on-paper evaluations and proof of concept activities) to include gathering and analyzing requirements from various stakeholders
• Developing matrixed change approval workflows and configuration/policy audit procedures to ensure cybersecurity expert and multi-team oversight
• Partnering with identity security and infrastructure teams to define the cloud access management strategy and target operating model to ensure delivery of rule audits, approvals, and exceptions in line with compliance and cybersecurity policy
• Defining cloud asset characteristics and tagging required 
• Collaborate with cross-functional teams to foster a strong security culture, ensure adoption of security services, and measure health of those services
• Monitor and provide periodic reports to senior leadership on the status of the security operations and resilience program, relevant risk exposure, and any trends or significant emerging issues
• Create a high-performing team culture where team members are supported, standards are consistently upheld, people are treated with respect, and everyone feels a sense of belonging

Who You Are

• Proven experience (4+ years) in a security leadership role with deep expertise in product security, cloud security and DevSecOps disciplines and best practices (NIST SSDF, BSIMM, OWASP, Google SLSA, Cloud Security Alliance)
• Experience with ISO 27001, PCI DSS, PCI 3DS, GDPR, and CPRA
• Experience in executive level reporting
• Exceptional leadership and managerial skills, with the ability to effectively lead and develop a high-performing security team
• Excellent understanding of cybersecurity risk management principles and the ability to implement effective controls and processes
• Hands-on experience designing and implementing security programs, policies, and procedures
• Demonstrated experience leading transformational roadmaps and scaling support across a large and growing global organization 
• Excellent communication and interpersonal skills, with the ability to cultivate relationships across teams, influence decision making, and collaborate with stakeholders at all levels of the organization
• Proactive and strategic mindset, with the ability to anticipate and mitigate security risks and issues
• High ethical standards and a commitment to promoting a strong security culture.
• Relevant certifications: CISSP, CIAM, GSEC, Security+, CISA, CDP, CDE, GCSA, CASE, CASS, CSSLP, GWEB, GDSA, ISSAP, and AWS certifications
• Financial services or FinTech experience preferred 
• BS degree preferred

Manager

• Derek Samford

Recruiter

• Kayla Osuna

Typical Process

• Application submission
• Recruiter phone call
• Hiring manager video call
• Virtual “Onsite” consisting of 4-5, 45 min calls
• Offer!

Compensation and Benefits

Marqeta is a Flex First company which allows you to choose your best working environment, whether that be from home or at a company office. To support Flex First, we calibrate pay to a competitive value according to working location. Compensation is aligned according to three tiers within the United States:

• National: A baseline tier that applies to most of the geographic territory of the United States.
• Premium: Slightly elevated from the National tier, and oriented toward a narrower set of higher cost-of-living areas, such as Los Angeles CA and Seattle WA
• Premium Plus: A tier for the most expensive working areas, like the San Francisco Bay area and New York City.

Visit this page or consult with a Recruiter to determine which tier would be applicable to you.

When determining salaries, we consider several factors including, but not limited to, skills, prior experience, and work location. The new-hire base salary range for this position is:

• National: $196,000 - $245,000 USD
• Premium: $200,700 - $250,900 USD
• Premium Plus: $218,200 - $272,700 USD

We also believe in recognizing the contributions of our people. That's why we award annual bonuses to eligible employees, rewarding both individual performance and the success of the entire company.

Along with monetary compensation, Marqeta offers

• Multiple health insurance options
• Flexible time off – take what you need
• Retirement savings program with company contribution
• Equity in a publicly-traded company and an Employee Stock Purchase Program
• Family-forming benefits, fertility support, and up to 20 weeks of Parental Leave
• Free therapy sessions, financial and professional coaching, and legal advice
• Monthly stipend to support our remote work model
• Annual “development dollars” to support our people growth and development

About Marqeta

Marqeta is on a mission to change the way money moves. We’re one of the earliest enablers of embedded finance, a market opportunity sized up in the trillions. Our card issuing platform provides unprecedented flexibility and control for companies to issue cards, authorize transactions, and manage payment operations in real time. Marqeta is powering the most well known brands in the new economy (Block, Cash App, Affirm, Instacart, Doordash, Uber, Walmart, etc). You don’t need to be a Payments expert to join the Marqeta Team, let us help you with that.  This is the opportunity of a lifetime to work with innovators around the world and unlock equitable financial access for all.

---

Marqeta’s Values

– Solve for the Customer: With a deep understanding of our customers' business and empathy for their needs, we deliver products and services that drive their success. Earning and keeping their trust guides everything we do.

– Do What's Right: Knowing businesses and livelihoods depend on us, we pursue solutions that disrupt responsibly and deliver high-quality results that our customers count on. We own our work from start to finish.

– Simplify and Innovate: We approach challenges with curiosity and take smart risks. Innovation comes from finding better, simpler ways to achieve extraordinary outcomes.

– Win as a Team: We succeed together by embracing diverse perspectives and pushing each other to raise the bar. We lead with humility and set aside hierarchy to work as a team.

– Make it Count: We drive forward with focus and agility. With a sense of urgency and purpose, we get the job done, and done right.

---

Equal Employment Opportunity, Accommodations and Privacy 

Marqeta is proud to be an equal opportunity employer that gives consideration to all qualified applicants regardless of race, ancestry, national  origin, color, Indigenous, citizenship, religion/creed, sex, sexual orientation, gender identity, gender expression marital status, family status, disability, veteran status, criminal histories consistent with legal requirements, or any other characteristic protected by applicable law. 

Our dedication to diversity and inclusion extends beyond the categories above. Review Marqeta’s ESG Report to see that dedication in action. Fostering an environment where everyone feels valued and respected creates a stronger and more innovative team at Marqeta. We celebrate the unique contributions of each individual and empower all members of our organization. Join us in building a company where diversity thrives and everyone can be their authentic selves.

If you require reasonable accommodation for the application process and beyond (including due to a disability), please submit this form and we will be more than happy to assist you. Marqeta will make reasonable accommodations for candidates when needed in accordance with applicable law. The Applicant and Candidate Privacy Notice applies to the personal data that you directly provide to us or that we collect during the application and candidate recruitment process.