Senior Lead Security Engineer – Bot Management

Job not on LinkedIn

6 hours ago

Apply Now

Receive Emails with Similar Jobs

Best Egg

WebsiteLinkedInAll Job Openings

Finance • Fintech • B2C

Best Egg is a lending company that offers a range of financial products and services, including personal loans, debt consolidation, credit card refinancing, and secured loans using vehicle equity or homeowner discounts. The company emphasizes hassle-free and fast financial service, with an online platform that allows users to manage their accounts, view offers, and access various financial health resources. Best Egg aims to support customers in building a brighter financial future by offering competitive rates and personalized loan terms. Best Egg loans are facilitated through partnerships with banks and are available in various amounts, with flexible terms and conditions.

501 - 1000 employees

Founded 2014

💸 Finance

💳 Fintech

👥 B2C

📋 Description

• Design, deploy, and optimize bot-mitigation and service-abuse controls, including WAF configurations, rate limiting, behavioral/velocity checks, challenge/attestation frameworks (e.g., Cloudflare Turnstile), device-telemetry validation, and API/form hardening. • Develop and maintain automated detection capabilities leveraging IP/ASN intelligence, identity patterns, traffic analytics, and anomalous behavior models. • Lead bot-related incident response activities, including triage, containment, root-cause analysis, and long-term remediation planning to support platform stability and operational continuity. • Partner closely with Engineering, DevSecOps, Fraud Strategy, Fraud Operations, Data, and Product teams to integrate preventive and detective controls across the customer funnel. • Drive the long-term bot-mitigation roadmap and capability vision in partnership with Engineering, Product, Fraud, Data, and DevOps, ensuring alignment with enterprise risk-reduction, platform resiliency, and operational efficiency goals. • Establish monitoring, reporting, and multi-signal decisioning (signal-fusion) mechanisms to provide visibility into bot activity, control effectiveness, system performance impacts, and operational risk indicators. • Evaluate new tools, technologies, and techniques related to bot detection, behavioral analytics, device attestation, signal fusion, and automated-abuse prevention; develop recommendations based on threat trends, performance considerations, and business requirements. • Produce architectural documentation, detection logic specifications, technical standards, and operational runbooks that support scalable and repeatable defense capabilities. • Guide engineering teams in embedding resilient security patterns into web and API designs and influencing product flows to reduce automated-abuse exposure. • Mentor team members and contribute to the broader security engineering and service-abuse management knowledge base.

🎯 Requirements

• Bachelor’s Degree in Information Security, Computer Science, Engineering, or equivalent work experience. • 5+ years of experience in Security Engineering, Application Security, Detection Engineering, or Fraud/Abuse/Risk Engineering. • Strong understanding of web architecture, microservices, RESTful APIs, and common automation-abuse vectors. • Experience with WAF/CDN platforms, API security, or cloud-native security constructs (AWS preferred). • Ability to analyze high-volume web data to identify automated, anomalous, or abusive patterns. • Familiarity with automation or scripting languages (e.g., Python) for detection logic, data analysis, or security-control deployment. • Experience with CI/CD processes, infrastructure-as-code, and security automation tools is a plus. • Demonstrated ability to produce high-quality technical documentation, architectural diagrams, and detection logic specifications.

🏖️ Benefits

• Pre-tax and post-tax retirement savings plans with a competitive company matching program • Generous paid time-off plans including vacation, personal/sick time, paid short-- term and long-term disability leaves, paid parental leave, and paid company holidays • Multiple health care plans to choose from, including dental and vision options • Flexible Spending Plans for Health Care, Dependent Care, and Health Reimbursement Accounts • Company-paid benefits such as life insurance, wellness platforms, employee assistance programs, and Health Advocate programs • Other great discounted benefits include identity theft protection, pet insurance, fitness center reimbursements, and many more!