Staff Security Engineer - CorpSec
About the position At Remitly, we believe everyone deserves the freedom to access, move, and manage their money wherever life takes them. Since 2011, we've tirelessly delivered on our promise to customers sending money globally, providing secure, simple, and reliable ways to manage their money, ensuring true peace of mind. Whether it's supporting loved ones back home, growing a business across continents, or pursuing new opportunities abroad, we're not just here to move money— we're here to move our global customers forward. We're looking for builders, reimaginers, and global thinkers who want to work at the intersection of technology, trust, and transformation. If that’s you and you're ready to do the most meaningful work of your career—we invite you to join over 2,800 passionate Remitlians worldwide who are united by our vision to transform lives with trusted financial services that transcend borders. About the Role: As a Staff Security Engineer on Remitly's Corporate Security team, you will be the hands-on technical lead securing our workforce, devices, SaaS, and core business applications. Beyond CorpSec, you will influence controls such as Web Application Firewalls, API hardening, CI/CD guard-rails, and data-security automation—making “zero-trust everywhere” a daily reality. Partnering with IT, Detection & Response, Infrastructure Security, Application Security, Customer Service Security, and Product teams, you will build company-wide controls that protect every employee, device, and SaaS integration.
Responsibilities
- Secure the stack—review networks, endpoints, internal infrastructure and SaaS (Google Workspace, Okta, Salesforce, Slack, Workday).
- Enforce zero-trust—deploy SASE/ZTNA and least-privilege IAM across AWS, GCP, and SaaS.
- Harden engineering platforms—lock down GitHub/GitHub Actions, Kubernetes, and CI/CD with policy-as-code.
- Automate with Python/Go and Terraform/Pulumi to eliminate manual steps and close the loop on findings.
- Lead reviews—run threat models and audits for everything from new offices and integrations and then track remediation to closure.
- Write to align—deliver one-pagers that clarify risk and drive consensus.
- Mentor & Influence engineers and admins, championing secure-by-default practices.
- Adapt Email Defense — adopt improved email protections and streamline incident handling through integrated analyst workflows.
- Strengthen App Controls — implement app review automation to reduce risk and promote safe integrations.
- Improve Data Safeguards — enforce controls on sensitive data access and monitor for unusual behavior.
- Elevate CI/CD Integrity — apply security checks to code and build pipelines, reducing risk from untrusted sources.
Requirements
- 7+ years in security or software engineering with deep SaaS/cloud exposure.
- Multi-team initiatives reduce risk and are automated, repeatable, and measurable.
- Default-secure controls shorten onboarding and cut operational toil.
- Stakeholders understand trade-offs, align quickly, and adopt the systems you build.
- Strong grasp of TCP/IP, DNS, TLS, VPN, and modern SASE/ZTNA platforms.
- Proficient in Python or Go (bonus TypeScript) and IaC (Terraform/Pulumi).
- Hands-on with WAFs, API security, SIEM detections, and incident response.
- Experience securing AWS/GCP, Kubernetes, GitHub, and CI/CD.
- Familiarity with identity, endpoint, and DLP controls (Okta, MDM, insider-threat).
- Practical experience managing OAuth app risk and reducing token abuse.
- Clear communication and a bias for measurable outcomes.
Benefits
- Flexible paid time off
- Health, dental, and vision + 401k plan with company matching
- Paid parental, medical, military and family care leave
- Mental Health & Family Forming Benefits
- Employee Stock Purchase Plan (ESPP)
- Continuing education and travel benefits
Apply tot his job Apply To this Job