Product Security Architect

We are looking for a highly skilled Product Security Architect to join our team at Tipalti. This role is pivotal in ensuring the security of our applications from inception to production and beyond. The ideal candidate will have a solid development background that has evolved into security expertise, enabling them to work closely with development teams to implement security best practices and develop protection mechanisms.

Why join Tipalti?

Tipalti is one of the world’s fastest-growing fintech companies. We free finance professionals to lead by modernizing the entire payables operation. We are a well-funded, late-stage start-up backed by high-profile investors. Our 2021 Series F funding round raised $270 million, valuing us at over $8.3 billion. With total funding of just over $550 million, and with more than 3000 global customers, Tipalti is one of the most valuable private fintech companies in the world.

At Tipalti, we pride ourselves on our collaborative culture, the quality of our product and the capabilities of our people. Tipaltians are passionate about the work they do, and keen to get the job done. Tipalti offers competitive benefits, a flexible workplace, career coaching, and an environment where diverse individuals can thrive and make an impact. Our culture ensures everyone checks their egos at the door and stands ready to reach for success together. 

Founded in Israel in 2010, Tipalti is a global business headquartered in the San Francisco Bay Area (Foster City) with offices in Tel Aviv, Plano, Toronto, Vancouver, London, Amsterdam and Tbilisi.

In this role, you will be responsible for:

• Partner with all Tipalti development teams to establish and govern security practices from the outset of development to production.
• Conduct application security assessments, including architecture design reviews and threat modeling.
• Act as a security advisor to cross-functional teams, including product, engineering, and others, to support secure software development.
• Design, build, and implement advanced application security solutions.
• Lead security audits, vulnerability assessments, and code reviews.
• Develop and share software security guidelines, including training materials, secure coding checklists, best practices, and reusable code.
• Ensure ongoing compliance with security policies and procedures in support of regulatory requirements.
• Elevate security awareness across the SSDLC, defining tailored training roadmaps as needed.
• Manage and review security issues in products, analyzing severity and risk, and recommending remediation steps.
• Establish, manage, and lead a VDP/Bug Bounty program.

About you 

• Minimum of 3 years of security architectural experience, including threat modeling and design reviews of complex products – Must
• Experience in SaaS application development (2+ years) – Optional
• Development expertise in one of the following: .NET or JavaScript – one of them is a  Must
• In-depth knowledge of end-to-end security architectural considerations.
• Proven ability to establish and manage security policies, acting as the central security contact for all S-SDLC tasks, challenges, and requirements.
• Strong understanding of the OWASP Top 10 application security risks and the ability to address them.
• Experience with cloud-native infrastructure architecture (e.g., containers, Kubernetes).
• Solid knowledge of Cloud Security Architecture, particularly with AWS and Azure.
• Proficient in microservice architecture, web technologies, and APIs.
• Excellent communication skills, with the ability to effectively convey information to both technical and non-technical stakeholders, from developers to senior management.
• Hands-on experience with at least two application security tools, such as SAST, API Security, DAST, WAF. - Must

Our tech teams are the engine behind our business. Tipalti’s tech ecosystem is extremely rich and we continually add new features to our products, ensuring that we respond to our clients’ needs at scale. Our tech teams retain a fast-paced, start-up vibe that encourages innovation and critical thinking. At Tipalti, you’ll have the opportunity to work with a diverse, global team of engineers, developers and product leaders who are collectively building the future of our best-in-class product suite as we transform financial operations for the future.

#LI-TH1

Interested in learning more about us?

Tipalti is the only company handling both global partner payments and accounts payable workflows for high-velocity companies across the entire financial operations cycle: onboarding and managing global suppliers, instituting procurement controls, streamlining invoice processing and approvals, executing payments around the world, and reconciling payables data across a multi-subsidiary finance organization. Tipalti enables companies to scale quickly by making payables strategic with operational, compliance, and financial controls. Through Tipalti, our clients can efficiently and securely pay thousands of partners and suppliers in 196 countries within minutes. 

Tipalti is fueled by a commitment to our customers and a desire to build lasting connections. Our client portfolio includes high-velocity businesses such as Amazon Twitch, GoDaddy, Roku, WordPress.com, and ZipRecruiter. We work hard for our 98% customer retention rate which is built on trust, reliability and innovation. Tipalti means we handled it" - a mission to which we are constantly committed.

Accommodations
Tipalti champions inclusive teams, in which every voice counts. We are committed to recruiting diverse candidates with varied personal experiences and abilities. We welcome applications from candidates belonging to historically underrepresented or disadvantaged groups, and maintain an equitable Talent Acquisition process that is free from discrimination.

As an equal opportunities employer, Tipalti complies with employment and human rights laws across the various jurisdictions in which we operate. Should you require reasonable adjustments or accommodations during the recruitment process, including access to alternate formats of materials, meeting spaces, or other accommodations that could better enable your full participation, please reach out to hr@tipalti.com for assistance.

Privacy
We are committed to protecting the privacy interests of job applicants and candidates. For more information about our privacy practices during our Talent Acquisition process, please refer to our Job Candidate Privacy Notice below:

Job Candidate Privacy Notice | Tipalti

www.tipalti.com/privacy/job-candidate-privacy-notice/