Senior Security Engineer at Range

Most wealth management is fragmented. Range is building AI-powered wealth management that actually works. One platform – investments, taxes, retirement, estate – all of it. All helping members manage financial complexity. Backed by Google's Gradient Ventures, Cathay Innovations, and Scale Venture Partners. Hyper-growth. Small team. Every person matters. We're looking for a senior security engineer who breaks things so our members never have to worry. About the Role You will be the person who keeps our members' financial lives safe. Range handles sensitive data across investments, taxes, retirement, and estate planning. That means security isn't a side function here. It's foundational. You'll think like an attacker so we can build like defenders. You'll probe our AI systems, infrastructure, and applications for weaknesses before anyone else can find them. When you find something, you won't just write it up. You'll work directly with engineers to fix it. When you see a gap in how we detect or respond to threats, you'll close it yourself. You'll also help us think about what's next. AI introduces new attack surfaces that most security playbooks don't cover yet. Training pipelines, inference systems, model architectures, supply chain risks. You'll be the person figuring out what those threats actually look like for a fintech company and what we need to do about them. We think really big, but we ship small and incrementally. You'll build automated tools to scale what you do, contribute to how we measure security as a program, and help the whole engineering team raise their security instincts. At Range, security engineers are builders, not gatekeepers. Who you are A builder who breaks things on purpose. You go from threat model to proof of concept to remediation plan. You don't just identify risks in a spreadsheet. You demonstrate them and help fix them. Offense-minded. You've spent real time doing red team operations, penetration testing, or security research. You know how attackers actually work, not just how frameworks describe them. Curious about AI. You have growing expertise in AI/ML security, or you're deeply motivated to develop it. You're thinking about prompt injection, model poisoning, data exfiltration from training pipelines, and the attack surfaces that most teams haven't mapped yet. Independent and collaborative. You can run a complex assessment solo and then sit with an engineering team to explain what you found and why it matters. You make security feel like a partnership, not a penalty. AI-native. You're already using AI every day as core infrastructure. You see it as the thing that makes one security engineer dramatically more effective. You care about outcomes. You connect every finding back to real risk for real members. You prioritize what actually matters over what looks impressive in a report. What we’re looking for - 6+ years of professional security engineering experience - Deep hands-on experience with offensive security: red teaming, penetration testing, or vulnerability research - Experience assessing cloud infrastructure security, preferably AWS (EC2, ECS, RDS, S3, IAM, and similar) - Ability to develop custom tools and automation for security testing (Python, Go, or similar) - Experience analyzing and exploiting web application vulnerabilities - Strong understanding of threat actor techniques, tactics, and procedures - Ability to translate technical security findings into clear, actionable recommendations for engineering teams - Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience What will set you apart - Experience with AI/ML system security: training pipelines, inference systems, model architectures - Familiarity with AI-specific attack vectors such as prompt injection, model poisoning, or data extraction - Fintech or financial services security experience - Experience building security metrics and reporting frameworks - Startup experience - Relevant certifications (OSCP, OSCE, GXPN, or similar) Not for you if - You treat security as a compliance checkbox. - You'd rather write a policy doc than prove an exploit. - You need a fully scoped engagement plan before you can start testing. - You're offended by the idea that AI changes everything about this job. - You optimize for consensus over conviction. Benefits - Health & Wellness: 100% employer-covered medical insurance for employees (75% for dependents), plus dental and vision coverage - 401(k): Retirement savings program to support your future - Paid Time Off: time to reset and recharge + most federal holidays - Parental Leave: Comprehensive leave policy for growing families - Meals: Select meals covered throughout the week - Fitness: Monthly movement stipend - Equity & Career Growth: Early exercise eligibility and a strong focus on professional development - Annual Compensation Reviews: Salary and equity refreshes based on performance - Boomerang Program: After two years at Range, you can take time away to start your own company. We’ll hold your spot for 6 months - and pause your equity vesting, which resumes if you return Range is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. As a company, we are committed to designing products, building a culture, and supporting a team that reflects the diverse population we serve.