Cybersecurity Engineer

Our Mission

Acorns empowers the next generation to build financial well‑being through micro‑investing. Our mission drives every decision and deepens our commitment to our customers’ future.

We lead with purpose, boldness, trust, growth, and doing it. These values shape culture, guide strategy, and inspire action.

• Lead With Heart – Inspire compassion, integrity, and tenacity.
• Make Bold Decisions – Be optimistic, adventurous, and courageous.
• Always Build Trust – Say what you mean and do what you promise.
• Never Stop Growing – Persist with curiosity and relentless progress.
• Find a Way – Never settle; make the impossible happen.

Acorns seeks a highly motivated and experienced Cybersecurity Engineer I to join our Global Infosec team. Focus on securing platforms, applications, and infrastructure to protect both our company and the financial well‑being of customers in the US and UK.

Acorns is a remote‑first organization, offering flexibility to work remotely while providing optional access to office space in Irvine, CA.

Design, deploy, and manage security tools and infrastructure to detect and prevent threats across cloud (AWS and GCP), corporate, and product environments. Work collaboratively with engineering and product teams to integrate security into the SDLC via threat modeling, code reviews, and automated testing. Conduct security assessments, penetration testing, and vulnerability management. Serve as an escalation point for incidents. Automate security tasks and implement security‑as‑code practices.

Secure endpoints and manage EDR, DLP, MDM, Zero Trust, patching, and configuration management. Stay current with the latest threats and recommend proactive measures.

• Design, deploy, and manage security tools and infrastructure to detect and prevent threats across cloud (AWS and GCP), corporate, and product environments.
• Work collaboratively with engineering and product teams to integrate security into the SDLC (Secure Software Development Life Cycle) via threat modeling, code reviews, and automated testing.
• Conduct security assessments, penetration testing, and vulnerability management to identify and remediate risks in our applications and services.
• Serve as an escalation point for security incidents, assisting with investigation, response, and post‑incident analysis to continuously improve our security posture.
• Automate security tasks and implement 'security-as-code' practices to scale our security efforts efficiently.
• Secure endpoints and manage Endpoint Detection and Response (EDR), Data Loss Prevention, MDM (Mobile Device Management), Zero Trust, Patching, and Configuration Management for corporate and production assets.
• Stay current with the latest cybersecurity threats, trends, and technologies, recommending proactive measures to enhance defense mechanisms.

• 3+ years of professional experience in a dedicated cybersecurity role, focusing on application, infrastructure, or cloud security.
• Application Security Expertise:
  Demonstrated experience with application security principles, secure coding practices, static/dynamic analysis (SAST/DAST) tools, and conducting design reviews.
• Proven expertise with securing cloud environments, preferably AWS, including knowledge of services like IAM, Security Hub, Guard Duty, and Lambda.
• Strong hands‑on experience in Security Configuration Management, ensuring infrastructure as code (IaC) templates (Terraform, Cloud Formation) and production systems adhere to security baselines.
• Experience implementing and managing Endpoint Detection and Response (EDR) or other endpoint security solutions for corporate and production assets.
• Strong hands‑on experience with vulnerability scanners and SIEM/SOAR platforms.
• Proficiency in at least one scripting language (Python, Go, or Shell) for automation and tool development.
• Excellent communication skills with the ability to articulate complex security risks and solutions to technical and non‑technical stakeholders.

• Competitive salary and stock options.
• A comprehensive benefits package for you and your family.
• Flexible work location, hours, and paid time off.
• 401(k)…