Corporate Security Engineer, IAC & Automation

About OnePay OnePay is the consumer fintech trusted by millions of Americans to make money better. Our financial system is broken. High fees, low rates, and too few ways to actually grow your money. We’re fixing it. And we’re moving fast. We’re an all-in-one financial services platform that brings together banking, high-yield savings, credit cards, point-of-sale lending, investing, and crypto in one place. We also partner with employers, HCM providers, gig platforms, and others to deliver embedded financial services to millions of employees and frontline workers. We’re backed by Walmart, the world’s largest retailer, and Ribbit Capital, one of fintech’s most respected investors, giving us rare scale, distribution, and the opportunity to build something truly category-defining. But what really sets OnePay apart is how we move. Our customers don’t have time to wait… and neither do we. This place moves fast, and we’re looking for people who are: Ready to run Hungry and driven by urgency Exceptional at what they do, with low ego Comfortable operating in motion The Role As a Corporate Security Engineer at OnePay, you will lead the design, implementation, and optimization of our corporate security infrastructure. You will enhance security controls, align goals with business objectives, and drive automation and self-service capabilities to maintain a strong security posture in a rapidly scaling environment. Work with IaC tools like Terraform to ensure enterprise configurations are steady, change-managed and machine-readable. Design and deploy endpoint security measures aligned with industry standards, including vulnerability management. Ensure a strong security posture for corporate SaaS applications by configuring vendor capabilities or building automations to meet OnePay standards. Mature and manage data protection controls, including Data Loss Prevention (DLP) tools and secure data handling processes. Build secure methods for sharing data with internal teams and external partners. Collaborate with IT, Infrastructure, and Security teams to implement security measures, maintain critical corporate systems (ensuring availability and compliance), and drive process improvement through automation. Develop and run incident response and disaster recovery plans, including tabletop exercises. You bring 5+ years of IT experience, including 3+ years in enterprise security within cloud environments. Expertise in IaC tools like Terraform (preferred), Puppet, Chef or Ansible. Proven ability to lead projects, drive measurable security improvements through automation, leveraging scripting (Python, Go, and/or TypeScript). Solid understanding of networking, authentication standards, and security frameworks (MITRE ATT&CK, NIST CSF, CIS benchmarks), with hands-on experience in ZTNA and DLP solutions (e.g., Netskope, Zscaler). Skilled at simplifying technical concepts for non-technical audiences and influencing decisions. Experience with workflow automation tools like n8n is a plus. Tools We Use We use Node and TypeScript on the server, leveraging the NestJS framework within a microservice-oriented architecture running on Kubernetes and AWS. On the client side, we build and ship product features for iOS, Android, and web platforms using React Native. While you don’t need experience with our exact stack, familiarity with modern software engineering practices will help you ramp up quickly. What We Offer Competitive base salary, stock options, and health benefits from Day 1 401(k) plan with company match Remote-friendly (US), flexible time off (FTO), and opportunities for growth A high-growth, mission-driven, inclusive culture where your work has real impact Standard Interview Process Initial Interview with Talent Partner Technical or Hiring Manager Interview Team Interview Executive Interview Offer! Equal Employment Opportunity To build technology and products that are used and loved by people and solve real-world problems, we need to build a team with many different perspectives and experiences. We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We encourage candidates from all backgrounds to apply. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us at [email protected].

{
  "content_hash": "aca2d8267cedf9c06ba27938faaee7ec9741bd4023a52a478c1b3d2794e0bfdd",
  "source_hash": "4ecae2539a80acf7c2156001eaf84fa5d205348e5161f0a81fa78e3b11676b13",
  "last_changed_at": "2026-05-30T07:39:15.904Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "United States (Remote)",
    "city": null,
    "region": null,
    "country": "United States",
    "is_remote": true,
    "confidence": 0.95
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-06T19:34:47.849Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "United States (Remote)",
      "city": null,
      "region": null,
      "country": "United States",
      "is_remote": true,
      "confidence": 0.95
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": "remote",
  "salary_period": null,
  "workplace_type": "remote",
  "salary_currency": null
}

{}

{
  "id": "6a665838-2db9-412c-b1fa-2337edd2bf14",
  "team": "Engineering, Security & IT, Corporate Security Engineering",
  "title": "Corporate Security Engineer, IAC & Automation",
  "jobUrl": "https://jobs.ashbyhq.com/oneapp/6a665838-2db9-412c-b1fa-2337edd2bf14",
  "address": null,
  "applyUrl": "https://jobs.ashbyhq.com/oneapp/6a665838-2db9-412c-b1fa-2337edd2bf14/application",
  "isListed": true,
  "isRemote": true,
  "location": "United States (Remote)",
  "updatedAt": null,
  "apiVersion": "ashby-non-user-graphql-v1",
  "department": "Engineering",
  "publishedAt": null,
  "workplaceType": "Remote",
  "employmentType": "FullTime",
  "secondaryLocations": []
}