As an IT Systems Engineer at One, you will play a crucial role in maintaining the Information Technology systems and processes of the company. Your responsibilities will include managing the helpdesk, on/offboarding procedures, developing self-service channels and tools, automating technological tasks, and overseeing SaaS services. You will also be involved in knowledge and content management, ensuring critical content is regularly updated, identifying opportunities for automation and self-service for internal customers, and leading projects to implement these solutions. Additionally, you will provide on-site assistance to Ones staff when technical issues arise. Your primary focus will be on ensuring the security of all IT operations. You will act as the triage and escalation point for IT service requests, troubleshoot and resolve technical issues related to hardware, software, and network systems, manage macOS and Windows endpoints, and ensure that proposed IT solutions prioritize user experience while being compliant and secure. Furthermore, you will collaborate with the IT & Security teams to develop and implement new technology solutions, maintain compliance with company policies and standards, and assist in the development and maintenance of IT policies and procedures. To be successful in this role, you should have at least 3 years of experience in IT infrastructure design, implementation, and maintenance, with a focus on cloud-based services and macOS endpoints. Strong knowledge of macOS and Windows management and deployment tools, excellent problem-solving skills, and the ability to communicate technical concepts to non-technical stakeholders are essential. Relevant certifications such as AWS Certified Solutions Architect, Security+, and/or Apple Certified Support Professional are a plus, as well as experience with AWS IAM and Okta Identity Engine. At One, you can expect a competitive salary, benefits effective from day one, early access to a high-growth fintech, generous stock option packages, employer Provident Fund contributions, comprehensive health insurance for you and your family, flexible time off programs, monthly transport allowance, work-from-home stipend, and a hybrid working model. One follows a flat titling structure to scale the company thoughtfully and avoid inequities. Internal titles are based on specific functional responsibilities and include additional descriptors for clarity. Inclusion and belonging are core values at One, ensuring that all employees are valued and respected within the organization.,
About One One's mission is simple - to help customers achieve financial progress. One is creating simple solutions to assist customers in saving, spending, borrowing, and growing their money all in one place. The U.S. consumer today deserves better, as millions of Americans are unable to access credit, build savings or wealth, and are managing their financial lives through multiple disconnected apps. Approximately a quarter of U.S. adults are unbanked or underbanked, and about 80% of fintech users rely on multiple accounts to manage their finances. One is unique as it is backed by a preeminent fintech investor (Ribbit) and the world's largest retailer (Walmart), maintaining the speed and independence of a startup while employing a strong and growing collection of world-class talent. This presents an opportune moment to build a business that aids people in achieving financial progress. Come build with us! The Role As an Application Security Engineer at One, you will be responsible for ensuring that One delivers secure and reliable applications at scale. Your role involves partnering with engineers to integrate security into the product from the ground up, developing engineering tools and workflows to test and validate artifacts, and actively creating security frameworks. You will champion modern Application Security Engineering at One, directly impacting the security of all products. Additionally, you will provide subject-matter expertise to product teams on security best practices, optimize secure coding practices, utilize offensive security techniques to strengthen our environment, and enhance overall security practices. Responsibilities - Ensuring the quality and security of applications and products by guiding their development through the Secure Development Lifecycle (SDLC) process. - Conducting SAST/DAST and penetration testing on core application services, web applications, and mobile applications. - Developing, maintaining, and extending an in-house application security and penetration testing automated testing framework. - Creating secure libraries, hardening existing libraries and frameworks, and eliminating vulnerabilities. - Enforcing SDLC practices through Infrastructure-As-Code (IaC) policies whenever possible. - Collaborating closely with Engineering teams to validate the security posture of new features before production deployment. - Triaging and validating security vulnerabilities, acting as a subject-matter expert in AppSec for the Engineering team. - Refactoring and deploying secure libraries and frameworks across the code repository. - Training engineers, architects, code reviewers, and others on secure coding practices. - Contributing to application threat models and maintaining awareness of vulnerabilities in application technologies. - Working with Security and other engineering teams to maintain a security architecture that provides controls across all platforms to mitigate risk. - Providing expertise on code-level security concerns during product development. Requirements - 5+ years of experience in security engineering, DevSecOps, and application development. - Strong knowledge of CVSS, MITRE ATT&CK, and OWASP Top 10. - Proficiency in TypeScript and practical understanding of AWS core services. - Experience with modern application architecture, deployment practices, and secure software development frameworks. - Familiarity with Library/API/Framework development and integrating security scanning tools with CI/CD. - Expertise in security vulnerabilities, cryptography, and security evaluation tooling. - Exposure to technologies like AWS, iOS, Android, Vault, Kubernetes, React, GraphQL, and Datadog. - Understanding of regulatory compliance concerns (GLBA, CCPA, PCI). - Triple H Factor: Humble, Hungry, and Honest with an act-like-an-owner mentality. What it's like working @ One - Competitive compensation. - Benefits effective from day one. - Early access to a high-growth fintech startup. - Generous stock option packages. - Employer Provident Fund contributions. - Comprehensive health insurance for you and your family, including mental health support. - Flexible time off programs, monthly transport allowance, work-from-home stipend, and a hybrid working model. Leveling Philosophy One follows a flat titling structure to scale the company thoughtfully and avoid inequities. Internal titles reflect specific functional responsibilities and additional descriptors for clarity within the organization. Employees are compensated based on experience and internal level within One. Inclusion & Belonging,