Senior Security Engineer

Senior Security Engineer Most wealth management is fragmented. Range is building AI-powered wealth management that actually works. One platform – investments, taxes, retirement, estate – all of it. All helping members manage financial complexity. Backed by Google's Gradient Ventures, Cathay Innovations, and Scale Venture Partners. Hyper-growth. Small team. Every person matters. We're looking for a senior security engineer who breaks things so our members never have to worry. About the Role You will be the person who keeps our members' financial lives safe. Range handles sensitive data across investments, taxes, retirement, and estate planning. That means security isn't a side function here. It's foundational. You'll think like an attacker so we can build like defenders. You'll probe our AI systems, infrastructure, and applications for weaknesses before anyone else can find them. When you find something, you won't just write it up. You'll work directly with engineers to fix it. When you see a gap in how we detect or respond to threats, you'll close it yourself. You'll also help us think about what's next. AI introduces new attack surfaces that most security playbooks don't cover yet. Training pipelines, inference systems, model architectures, supply chain risks. You'll be the person figuring out what those threats actually look like for a fintech company and what we need to do about them. We think really big, but we ship small and incrementally. You'll build automated tools to scale what you do, contribute to how we measure security as a program, and help the whole engineering team raise their security instincts. At Range, security engineers are builders, not gatekeepers. Who you are A builder who breaks things on purpose. You go from threat model to proof of concept to remediation plan. You don't just identify risks in a spreadsheet. You demonstrate them and help fix them. Offense-minded. You've spent real time doing red team operations, penetration testing, or security research. You know how attackers actually work, not just how frameworks describe them. Curious about AI. You have growing expertise in AI/ML security, or you're deeply motivated to develop it. You're thinking about prompt injection, model poisoning, data exfiltration from training pipelines, and the attack surfaces that most teams haven't mapped yet. Independent and collaborative. You can run a complex assessment solo and then sit with an engineering team to explain what you found and why it matters. You make security feel like a partnership, not a penalty. AI-native. You're already using AI every day as core infrastructure. You see it as the thing that makes one security engineer dramatically more effective. You care about outcomes. You connect every finding back to real risk for real members. You prioritize what actually matters over what looks impressive in a report. What we’re looking for - 6+ years of professional security engineering experience - Deep hands-on experience with offensive security: red teaming, penetration testing, or vulnerability research - Experience assessing cloud infrastructure security, preferably AWS (EC2, ECS, RDS, S3, IAM, and similar) - Ability to develop custom tools and automation for security testing (Python, Go, or similar) - Experience analyzing and exploiting web application vulnerabilities - Strong understanding of threat actor techniques, tactics, and procedures - Ability to translate technical security findings into clear, actionable recommendations for engineering teams - Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience What will set you apart - Experience with AI/ML system security: training pipelines, inference systems, model architectures - Familiarity with AI-specific attack vectors such as prompt injection, model poisoning, or data extraction - Fintech or financial services security experience - Experience building security metri ... (truncated, view full listing at source)