Senior Software Engineer (Security)

As a Senior Software Security Engineer at Clutch, you will play a critical role in shaping and executing our application and infrastructure security posture. You’ll be embedded in engineering, driving secure-by-design practices, threat modeling, and proactive risk mitigation. This is a hands-on role for someone passionate about building secure systems and influencing security culture across a fast-paced fintech startup.

You’ll act as a key advisor for secure architecture and be responsible for identifying, fixing, and preventing vulnerabilities in our services, tooling, and developer workflows.

The Security, Infrastructure & Platform team is a multidisciplinary group focused on scaling our systems securely and efficiently.

• We partner closely with product engineering to embed security throughout the SDLC.

• We value pragmatism, ownership, and curiosity — always asking “how can we make this safer and faster?”

• We’re building a security-first engineering culture that doesn't slow teams down, but enables them to move fast responsibly.

Within 3 months, you will:

• Embed with engineering teams to review and co-develop security-critical features, providing practical guidance on secure design and implementation.

• Perform code and architecture reviews focused on identifying and mitigating risks in our backend services and web applications.

• Integrate developer-friendly security tooling (SAST, SCA, secret scanners) into our CI/CD pipelines and improve feedback loops.

• Work closely with developers to fix early security issues, promote secure coding standards, and minimize recurring vulnerabilities.

Within 6 months, you will:

• Lead the design and rollout of a developer-focused Secure SDLC, with actionable security gates and clear ownership per stage.

• Collaborate with product and engineering to build features securely by default, including auth, encryption, and access control layers.

• Build internal tools or contribute to platform codebases to help automate threat detection or harden developer workflows.

• Launch an internal security knowledge base or playbook, based on real scenarios and tailored to Clutch’s tech stack and dev needs.

Within 9 months, you will:

• Develop and maintain secure libraries and frameworks used across engineering (e.g., auth modules, secure wrappers, input validators).

• Contribute code and reviews to critical systems or developer tooling, ensuring security is deeply integrated — not bolted on.

• Support and mentor a security champion network inside engineering teams to scale knowledge and influence through code.

• Partner with developers to threat model new services and architecture evolutions, helping teams make informed trade-offs.

• 5+ years of experience in software/application security, ideally in fast-growing startups or fintech environments.

• Deep knowledge of web application security, secure software design, API hardening, and threat modeling.

• Experience integrating security into CI/CD pipelines, including use of SAST, DAST, SCA, and IaC scanning tools.

• Familiarity with common compliance frameworks (e.g., SOC 2, GLBA, PCI-DSS) and cloud-native security (AWS, GCP preferred).

• Strong coding background (e.g., Node.js, Python, Go) and ability to read, understand, and debug code securely.

• Excellent communication skills, with the ability to influence without authority and foster cross-functional collaboration.

Please note that this role may evolve as our business needs change, so we appreciate your flexibility and adaptability.

What’s In It For You?

• Remote Flexibility: Enjoy the freedom of remote work from anywhere, balancing life and career seamlessly.

• Unforgettable Off-Sites: Twice a year, bond with colleagues in exciting destinations, fostering teamwork and fresh ideas.

• Paid Time Off and National Holidays: Enjoy 20 PTO days yearly and the National Holidays for relaxation and rejuvenation.

• Stock Options: Joining us means having a stake in our success, so you'll receive stock options as part of your compensation package.

• Home Office Setup: Create your ideal workspace with a dedicated budget for home office essentials.

• Work Trip Budget: Grow personally and professionally with a budget for work-related trips and co-working.

About Us

Clutch is a revolutionary vertical SaaS company, proudly backed by Andreessen Horowitz (A16z), aimed at revolutionizing the way Credit Unions engage and change the lives of their members. As a champion of financial well-being, we address the urgent need for affordable lending solutions in an era where the average American grapples with over $155,000 in household debt.  Unlike traditional financial institutions, Clutch develops software to turn Credit Unions into FinTech lenders and leverage their balance sheets to responsibly lend to over 130M Americans. Our mission extends beyond mere financial transactions; we strive to fundamentally enhance the way credit unions interact with their members. By integrating cutting-edge technologies and user-centric designs, we help credit unions provide seamless digital experiences that are on par with leading tech companies. This approach not only preserves but revitalizes the longstanding tradition of community and member-focused service inherent to credit unions.

Please note: This position is offered on a contractor basis. Applicants must have the necessary documentation and authorization to work in the country where the job is located. Clutch cannot provide sponsorship or assist with obtaining work permits for this role.

A Note About AI at Clutch
We love AI. We use it often and encourage our team to creatively and effectively leverage AI tools in their work. If you join Clutch, we hope you'll bring the same enthusiasm for exploring how AI can amplify impact, productivity, and innovation.

That said, during the interview process, we want to hear your thoughts. Please approach interviews without the use of AI tools—our goal is to get to know how you think, solve problems, and communicate. Once you're in the seat, bring on the prompts!