Security Engineer II (Application) @ NerdWallet

Overview

At NerdWallet, we’re on a mission to bring clarity to all of life’s financial decisions and every great mission needs a team of exceptional Nerds. We’ve built an inclusive, flexible, and candid culture where you’re empowered to grow, take smart risks, and be unapologetically yourself (cape optional). Whether remote or in-office, we support how you thrive best. We invest in your well-being, development, and ability to make an impact because when one Nerd levels up, we all do.

About the Role

We are seeking a Security Engineer II to join our Application Security team. The Application Security team enables NerdWallet’s mission—to provide clarity for all of life’s financial decisions, by helping ensure the products and services we design and build safeguard our users’ data and trust.

Responsibilities

• Partner closely with engineering teams across the company to reduce security risk throughout the software development lifecycle.
• Contribute to initiatives that strengthen NerdWallet’s security posture by improving tooling, workflows, and standards that help engineers build secure software while maintaining a great developer experience.
• Help scale NerdWallet’s application security program through automation, tooling, and developer enablement.
• Partner with engineering and product teams to identify and remediate security gaps across multiple systems while balancing business priorities.
• Build tools, processes, and automation that improve security posture visibility for engineers and leadership.
• Review pull requests and provide actionable guidance on secure coding practices.
• Support operational work during security investigations or incidents affecting applications.
• Help integrate security practices into the secure development lifecycle (SDLC) across teams.

Requirements

• Familiar with common web application vulnerabilities and mitigation techniques, such as the OWASP Top 10.
• Pragmatic in your approach to reducing risk, balancing security improvements with product and engineering priorities.
• Curious and motivated to continuously grow your application security knowledge and skills.
• Comfortable asking questions, seeking guidance, collaborating, and debating with teammates when working through complex problems.
• Committed to fostering a respectful, blameless, and collaborative engineering culture.
• Interested in helping engineers understand and adopt secure development practices.
• 2+ years of experience in application security, software engineering, or a related security role.
• Experience identifying, triaging, and remediating security vulnerabilities in applications.
• Experience working with software deployed in cloud environments, particularly AWS.
• Proficient in Python or another scripting language used for automation.
• Comfortable reading and reviewing JavaScript or similar application code.
• Experience or interest in building automation, tooling, or processes that improve application security workflows.
• Comfortable learning new programming languages, frameworks, or security tools as needed.

Benefits

• Industry-leading medical, dental, and vision health care plans for employees and their dependents.
• Rejuvenation Policy – Flexible Vacation Time Off + 11 holidays + holiday company shutdown.
• New Parent Leave for employees with a newborn child or a child placed with them for adoption or foster care.
• Mental health support.
• Paid sabbatical after 5 years for Nerds to recharge, gain knowledge, and pursue their interests.
• Health and Dependent Care FSA and HSA Plan with monthly NerdWallet contribution.
• Monthly Wellness Stipend, Cell Phone Stipend, and Wifi Stipend (Only remote Nerds are eligible for the Wifi Stipend).
• Work from home equipment stipend and co-working space subsidy (Only remote Nerds are eligible for these stipends).
• Nerd-led group initiatives – Employee Resource Groups for Parents, Diversity, and Inclusion, Women, LGBTQIA, and other communities.
• Hackathons and team events across all teams and departments.
• Company-wide events like NerdLove (employee appreciation) and our annual Charity Auction.
• Take 8 hours of volunteer time off per quarter and donate to your favorite causes with a company match.
• 401K with 4% company match.
• Be the first to test and benefit from our new financial products and tools.
• Financial wellness, guidance, and unlimited access to a Certified Financial Planner (CFP).