Principal Software Engineer, Small Business Cybersecurity and Fraud

Do you take joy in stopping bad actors in their tracks? Join the SBSEG (Small Business and Self-Employed Group) Security & Abuse Prevention team to design and develop the next generation of security and fraud protections for small businesses around the world.

As part of the team, you will work with product engineers, abuse, fraud, and security specialists and data scientists to rapidly deliver tools, software components, and services that frustrate fraudsters and delight Intuit's customers. You must be ready to learn fast and innovate. You will bring your past leadership experience to develop and coach teams to navigate through ambiguity and help teams deliver services that are secure and delightful to our customers. You will also participate in security incident management and drive root cause analysis eventually leading to the development of controls that will prevent repeated security exploitations.

Responsibilities:

• Drive design and implementation of secure workflows for Small Business applications and services
• Assess and identify potential security risks and vulnerabilities in small business products and services deployed in multi-cloud environments and guide teams on solutions to mitigate them
• Ensure compliance with Intuit security standards, policies, and regulatory requirements
• Develop and implement security best practices and standards for generative AI based applications, and services
• Collaborate with other architects and stakeholders to ensure security is integrated throughout the system development lifecycle and is not an afterthought
• Innovate to boost velocity by employing a shift-left approach
• Participate in security incident management and drive root cause analysis for future avoidance across Intuit
• Drive resolution of systemic security issues with tactical and strategic mindset
• Communicate security risks and concerns to senior leadership and stakeholders and develop plans to address them
• Develop and maintain strong relationships with business domain leadership to keep track of changing business needs and priorities
• Work with application developers, users, operational leadership, and subject matter experts to understand current and future security goals. Recommend modern technology stacks to meet those goals and help engineering teams migrate towards their use

Qualifications:

• 10+ years' experience implementing, managing or governing security technologies, application security, network security, intrusion detection and digital forensics
• Experience in securing generative AI workflows from data leakage, prompt injection, membership inference and model theft attacks
• 5+ years' experience with threat modeling for mobile applications, microservices deployed in distributed systems, web applications, serverless applications and data pipelines
• Proficiency in understanding security threat landscape through the application of well-known industry frameworks like OWASP top 10 for API, applications, mobile apps, LLMs
• Strong programming skills in languages such as Python, Java, PHP, C++, or similar, with a focus on secure coding practices
• In-depth understanding of data security technologies and identity protocols to ensure strong authentication/authorization mechanisms to help design and protect secure small business products and services
• Experience working with cross-functional teams across the organization
• Strong debugging, problem solving and investigative skills
• Ability to assimilate disparate information (log files, error messages etc.) and pursue leads to find root cause problems
• Experience with Agile/Scrum methodology
• Self-starter who can work independently

Preferred Qualifications:

• Bachelor's/master's degree in MIS, Computer Science, Math, Engineering or comparable major. Equivalent experience will be considered
• Well versed with secure prompt engineering techniques for Large Language models like ChatGPT, Gemini, Anthropic
• Ability to apply technology and consulting to boost productivity by automating repeated tasks
• Possess great interpersonal skills and can communicate and present complex issues with assurance and confidence
• Demonstrate the use of consulting skills including questioning, listening, ideas development and influencing

Intuit provides a competitive compensation package with a strong pay for performance rewards approach. The expected base pay range for this position is New York $245,500 - $332,500. This position will be eligible for a cash bonus, equity rewards and benefits, in accordance with our applicable plans and programs.