Secure the Future of Banking with AI at Casca
Casca is revolutionizing banking with AGI, replacing outdated systems with cutting-edge AI technology that automates 90% of manual tasks. Founded by industry-leading banking and AI experts from Stanford, MIT, and Y Combinator, we're driven to win. We believe our greatest asset is our ability to continuously improve.
The Mission: Product Security Engineer
Join our team as a Product Security Engineer and play a vital role in securing our AI-driven lending platform. You'll work hand-in-hand with engineering, product, and compliance teams to integrate security into every phase of development, ensuring our platform remains resilient in the fast-paced fintech landscape. This is your opportunity to make a significant impact on a next-generation financial platform.
Your Impact:
Architect and build secure-by-default libraries and tools, making security the easiest and most appealing option for developers and their AI agents.
Collaborate closely with engineering teams to embed secure design principles throughout the entire development lifecycle.
Conduct in-depth security reviews of critical code and own key components of the product, including authentication and access control mechanisms.
Contribute directly to the Casca codebase, shaping the future of our AI-powered platform.
Proactively audit the existing codebase to identify and remediate potential vulnerabilities.
Enhance our static analysis and vulnerability management tooling to improve our security posture.
Uncover vulnerabilities through engaging in red team exercises, pushing the limits of our defenses.
Participate in incident response activities, helping to mitigate and resolve security incidents effectively.
What You'll Bring:
2+ years of experience in product security, application security, offensive security, and/or security-focused software engineering.
A proven track record of identifying software vulnerabilities, evidenced by CVEs, bug bounty awards, blog posts, or relevant work experience.
Deep expertise in web application security principles and best practices.
Exceptional communication and collaboration skills, with a knack for working effectively with engineering teams.
Bonus Points:
Active contributions to open-source security projects.
Experience red teaming Large Language Models (LLMs) and AI-native applications.
Experience managing cloud environments (e.g., Azure, GCP, AWS).
Prior experience in a small company or high-growth startup environment.
Perks of Joining Casca:
An opportunity to be part of a game-changing company with massive growth potential.
Competitive salary and comprehensive benefits package.
Visa sponsorship available.
As an early-stage company at the forefront of AI innovation, we operate with intensity and commitment. While schedules can vary by role/team, many weeks will require extra focus, flexibility, and time, especially during major launches and high-impact sprints. We're seeking individuals who are aligned with and able to commit to this expectation, which includes 5 days per week in our San Francisco office.