At NerdWallet, we're building tools and experiences that help people make smarter financial decisions. As a Security Software Engineer focused on AI and Automation, you'll help strengthen the security, reliability, and trust behind those experiences by designing AI-powered security systems that make secure software development more scalable and effective across our engineering organization.In this role, you'll partner closely with security engineering and infrastructure teams to build automation and AI-powered solutions that help identify vulnerabilities, improve security reviews, and reduce risk across our platforms. You'll take ownership of security engineering initiatives that combine software development, AI systems experience, and security-first thinking to solve meaningful problems at scale.You'll have room to bring new ideas, influence how AI and automation practices evolve at NerdWallet, and shape the future of security tooling within a team that values curiosity, informed risk-taking, and thoughtful problem-solving.This role reports to the AI Security Manager.Projects you may be working on in this position include:Designing and building multi-agent LLM systems and routing logic that automate threat modeling, security design review, policy Q&A, and vulnerability analysis at scaleDeveloping retrieval-augmented generation (RAG) pipelines and semantic search systems across large code and documentation repositoriesCreating automated code review capabilities that help identify insecure patterns and improve software quality earlier in the development lifecycleDesigning integrations with tools such as GitHub, Slack, Jira, Confluence, and cloud platforms to embed security guidance into everyday engineering workflowsDeveloping REST APIs and platform services with authentication, authorization, rate limiting, observability, and secure handling of sensitive dataDesigning and maintaining scalable data processing pipelines for large codebases and document repositories, including extraction, indexing, stream processing, batch jobs, and parallel executionImproving AI application security through controls such as prompt injection prevention, sensitive data filtering, supply chain security, and secure handling of model inputs and outputsEnhancing NerdWallet's secure software development lifecycle (SSDLC) through automation, tooling, and developer-friendly security practicesPartnering with engineering teams to prioritize and remediate application and infrastructure security risksSupporting incident response and on-call needs by contributing security engineering expertise, tooling, automation, and analysis when security issues ariseIdentifying new opportunities for automation and AI augmentation across the security team, bringing fresh eyes and independent thinking to a growing backlog of high-impact workWhere you can make an impact:Serve as technical lead on high-priority initiatives, taking ownership of technically complex work and collaborating across teams to deliver practical, measurable security outcomesHelp shape how AI and automation are securely adopted across NerdWallet's engineering ecosystemBuild tools and platforms that make security more accessible, scalable, and actionable for development teamsImprove the speed and quality of security reviews through thoughtful automation and security-first designStrengthen customer trust by helping protect NerdWallet's products, systems, and sensitive dataServe as an internal subject matter expert on AI and automation, advising on appropriate use cases, limitations, and risks to both technical and non-technical stakeholdersYour experience:3+ years of software engineering or security engineering experienceStrong proficiency in Python or Go for building production-grade backend services, APIs, and data pipelines; comfort moving between languages is expectedExperience building and maintaining backend services including REST APIs, authentication, authorization, rate limiting, streaming, and observabilityWorking knowledge of application security concepts including common vulnerability classes such as injection, broken authentication, cross-site scripting, insecure authorization, and secrets exposure; experience with threat modeling and SSDLC practicesHands-on experience building AI-powered systems using LLM APIs, including retrieval-augmented generation (RAG) pipelines, multi-agent architectures, and semantic search; working understanding of AI-specific security risks such as prompt injection, sensitive data exposure, and secure handling of model inputs and outputsGenuine interest in AI and how it applies to security, not just as a tool to use, but as a domain to understand deeply, including its limitations and risksExperience developing and operating distributed systems and cloud-based environments, including message queues, NoSQL databases, AWS, containers, Kubernetes or ECS, serverless, and infrastructure as codeUnderstanding of caching and performance patterns including Redis, semantic caching, TTLs, and cache invalidationStrong communication skills, able to explain complex AI and security concepts clearly to both technical and non-technical audiences, and confident advising stakeholders on tradeoffs and limitationsWhat we offer:Work Hard, Stay Balanced (Life’s a series of balancing acts, eh?)Industry-leading medical, dental, and vision health care plans for employees and their dependentsRejuvenation Policy – Flexible Vacation Time Off + 11 holidays + holiday company shutdownNew Parent Leave for employees with a newborn child or a child placed with them for adoption or foster careMental health supportPaid sabbatical after 5 years for Nerds to recharge, gain knowledge, and pursue their interestsHealth and Dependent Care FSA and HSA Plan with monthly NerdWallet contributionMonthly Wellness Stipend, Cell Phone Stipend, and Wifi Stipend (Only remote Nerds are eligible for the Wifi Stipend)Work from home equipment stipend and co-working space subsidy (Only remote Nerds are eligible for these stipends)Have Some Fun! (Nerds are fun, too)Nerd-led group initiatives – Employee Resource Groups for Parents, Diversity, and Inclusion, Women, LGBTQIA, and other communitiesHackathons and team events across all teams and departmentsCompany-wide events like NerdLove (employee appreciation) and our annual Charity Auction Our Nerds love to make an impact by paying it forward – Take 8 hours of volunteer time off per quarter and donate to your favorite causes with a company matchPlan for your future (And when you retire on your island, remember the little people)401K with 4% company matchBe the first to test and benefit from our new financial products and toolsFinancial wellness, guidance, and unlimited access to a Certified Financial Planner (CFP) through NorthstarDisability and Life Insurance with employer-paid premiumsIf you are based in California, we encourage you to read this important information for California residents linked
here.NerdWallet is committed to pursuing and hiring a diverse workforce and is proud to be an equal opportunity employer. We prohibit discrimination and harassment on the basis of any characteristic protected by applicable federal, state, or local law, so all qualified applicants will receive consideration for employment. NerdWallet will consider qualified applicants with a criminal history pursuant to the California Fair Chance Act and the San Francisco Fair Chance Act, which requires this
notice, as well as the Los Angeles Fair Chance Act, which requires this
notice.NerdWallet participates in the Department of Homeland Security U.S. Citizenship and Immigration Services E-Verify program for all US locations. For more information, please see:E-Verify Participation Poster
(English+Spanish/Español)Right to Work Poster
(English) /
(Spanish/Español) Base pay offered may vary within the posted range based on several factors, including but not limited to education, job-related knowledge, skills, experience, and location.
