YNAB: Humbly Assured Safety Engineer

January 15, 2026

10

Headquarters: Worldwide! We're absolutely distant.

URL: https://www.ynab.com/

About Us and Why We’re Hiring

We’re YNAB (“why-nab”), a monetary training firm with a mission: to assist folks get good with cash in order that they by no means have to fret about cash once more. For over 20 years, YNAB’s confirmed technique has been altering lives—and other people can’t cease telling their mates in regards to the distinction it’s made. Suppose: debt paid off, marriages strengthened, objectives achieved, stress erased, and sleep lastly restored. However don’t simply take our phrase for it—dive into our vibrant communities on Fb, TikTok, and Reddit (actually!) or skim by our glowing app evaluations. You’ll shortly see why folks rave about YNAB and why we’re so keen about creating one thing that actually adjustments lives for the higher.

Earlier than we may help folks get good with cash, they should belief YNAB with non-public particulars of their lives. And to those that work right here, YNAB embodies years of relentless effort to craft one thing uniquely great. Honoring that belief and defending the corporate we’re happy with is why this place exists. Our safety workforce is devoted full-time to safeguarding YNAB, and so they have a single major consequence to attain:

Maintain YNAB Safe.

If the considered anchoring our dedication to defending YNAB and its prospects resonates deeply, you’re our audience—please learn on.

What We’re Trying For:

Laborious Necessities

To be thought of for this function, you need to:

Have no less than two years of hands-on expertise in safety engineering, software program engineering, DevOps, IT safety, or a carefully associated technical subject.
Have sensible expertise with software safety (for instance: performing code evaluations, risk modeling, working with builders on safe design, or utilizing SAST/DAST instruments).
Have expertise constructing, sustaining, or monitoring safety logs—ideally with DataDog, however comparable methods (Splunk, ELK, CloudWatch, and so forth.) are fantastic.
Stay in the USA, in both the Central (UTC-6) or Japanese (UTC-5) timezone, and be approved to work right here with out sponsorship.

Most well-liked {Qualifications}

These aren’t required, however are prone to set you up for fulfillment:

Some degree of formal technical training and/or a security-related certification (corresponding to CISSP, CEH, Safety+, CC, CCSP, Pentest+, or comparable).
Proficiency in no less than one fashionable programming or scripting language (e.g., Python, Go, Java, JavaScript).
Familiarity with safety frameworks corresponding to SOC 2, ISO 27001, NIST, or CIS Controls.
Expertise working at a expertise and/or SaaS firm.
Publicity to regulated industries (e.g., finance, healthcare).
Consolation working cross-functionally with engineering, help, or compliance groups.

Word: In the event you consider you’re a match for this function, however don’t meet our most well-liked {qualifications}, we nonetheless encourage you to use. Whereas our exhausting necessities are non-negotiable, we’re in any other case open-minded, and don’t want you to be the right candidate on paper.

Life at YNAB

That’s a fast snapshot of what we’re searching for. Earlier than we go additional, let’s ensure you’re enthusiastic about working with us. We’ll share extra about YNAB, then dive into the function particulars and software course of (remember to learn all the way in which to the top!).

YNAB began in 2004 and we haven’t taken any exterior funding—we’re established, worthwhile, and on this for the lengthy haul. We’ve got one overarching requirement in relation to becoming a member of our workforce: our unique Core Worth Manifesto has to actually click on with you. In the event you’re nodding emphatically whereas studying it, you’ll in all probability prefer it right here!

We stay our Core Values daily at YNAB, and we imply it once we say we’re an equal alternative employer. We consider a range of backgrounds, talents, and experiences is essential to our success, and we’re keen about making a welcoming and supportive setting for each worker. All are inspired to use as we proceed rising a sensible, hard-working, and various workforce that loves constructing one thing that issues.

We additionally work actually exhausting, collectively, to make working at YNAB a tremendous expertise. We’re (humbly) proud to have acquired lots of Fortune’s “Nice Place to Work” awards through the years, together with #1 two years in a row! We’ve got a workforce of really distinctive folks—the type you’ll be delighted to work with. Let’s introduce you to a couple of them!

Who You’ll Work With

You may work most carefully with Kendal (our Safety Lead), and Chris (our Techniques Administrator), whereas collaborating with the broader Engineering division (which incorporates groups of QA analysts, full stack, iOS, and Android engineers).

Kendal develops and implements our safety roadmap, from technical safety to governance, threat and compliance. She lived in London for six years earlier than shifting again residence to South Africa in 2024. When she isn’t securing stuff, she’s spending time in Cape City’s mountains and oceans.

Chris is our methods administrator, which is a flowery title for a expertise generalist. Day in and time out, Chris helps to verify everybody at YNAB has the instruments to do their job, entry to the methods wanted to do their job, and a bit little bit of “we’re undecided who must be doing this”. Exterior of YNAB, Chris is a center grade creator writing books for teenagers who’d relatively not be studying.

No matter their various jobs, everybody in Engineering has one factor in frequent: They’re a pleasure to work with. You gained’t discover heated arguments and raised voices right here. We save our aggressive spirit for YNAB’s exterior rivals (or the occasional on-line recreation session), however internally we construct up our teammates and have a good time their successes. All of us love to resolve issues in inventive methods, and we repeatedly take time to geek out and present one another one thing cool we constructed or discovered to make our lives simpler.

Although you’ll be embedded in Engineering, you’ll in all probability cross paths with many individuals at YNAB in some unspecified time in the future. We are able to’t checklist all of them, however we will say that we’re all excited to get to know you!

How You’ll Work at YNAB

Now that you just’ve discovered about a few of your future teammates, let’s discuss extra about YNAB and what it’s prefer to work right here.

Constructing a Good Firm

At YNAB, we predict top-of-the-line issues we will provide is the prospect to do significant work alongside folks you respect, admire, and genuinely take pleasure in. And we imply that—from the start, we’ve been intentional about creating the corporate we need to work for.

Alongside the way in which, we’ve discovered that nice groups aren’t constructed on perks or fancy titles—they’re constructed by bringing collectively excessive performers who thrive on powerful challenges and share a dedication to doing distinctive work. We worth self-discipline and possession over pointless layers of course of, and search for individuals who get up excited to get essential issues finished.

That’s the workforce we’re constructing at YNAB: one which cares deeply, works pragmatically, and all the time finds time to chuckle (largely at ourselves).

Stay (Virtually) Wherever You Need

We’ve all the time been a completely distant workforce, and have folks all around the world. For this specific place, nevertheless, we’re searching for somebody based mostly in the USA, in both the Central (UTC-6) or Japanese (UTC-5) timezone. Wherever inside these time zones is okay, although. Simply ensure you have a dependable web connection. (Like, a very good one. Please.)

Work 4 Days a Week

We’ve adopted a four-day work week and infrequently work greater than that. There are events and seasons the place issues get busy and other people put some further time in—however then we encourage them to take some further day off, too. We’re a product-led group that takes our work-life stability significantly, so all of us prioritize working exhausting and good, however at a measured tempo. We care deeply about what we do, however we additionally love our households and about 2,000 different issues. We’ve got perspective and, in the end, we predict it makes us—and our work—even higher.

Flex Your Work Schedule

As a distant workforce, a variety of our work is completed asynchronously. Exterior of your conferences and on-call occasions, we belief you to set your schedule by balancing your workforce’s wants with your personal wants. You don’t must ask for permission to take off early for a day appointment, or be “energetic” on Slack if you happen to’re working deeply on a challenge. We take a look at what you accomplish, not how lengthy you are in entrance of a pc.

Take Trip (Significantly)

We wish you to take trip. In truth, we now have a minimal trip coverage of three weeks per yr. 5 weeks feels about proper (plus two further weeks for our company-wide December Break). It’s essential to get loads of downtime and to get out and do one thing. We’ll stay up for seeing photos of your adventures in our #office-wall Slack channel!

Meet the Crew IRL

We love distant work round right here, however we additionally love getting collectively in particular person. You’ll usually have the chance to satisfy together with your YNAB teammates no less than annually, at a small-team work-focused meetup or at our biennial firm retreat. On the YNAB retreat, we like to atone for spreadsheets and powerpoints in a Greatest Western convention room. Simply kidding. To offer you an concept, we’ve been to Costa Rica, a gigantic cabin within the mountains, a ranch in Montana, Palm Springs, and most just lately, Cape Cod. We work collectively, play collectively, and strengthen the bonds we’ve made as a workforce and firm. On the finish of every retreat, we really feel energized, impressed, and excited to sort out the work forward.

Up Your Sport

We’re critical about serving to you enhance your craft, and can offer you an expert improvement stipend every year. Suppose conferences, on-line programs, teaching, and devoted time away from work to be taught one thing new. We like to see our folks develop!

Different Advantages

Our workforce is unfold all around the world—largely in the USA, but in addition within the UK, Canada, Germany, Brazil, Mexico, and several other different nations. Everyone seems to be eligible for our beneficiant paid household depart, trip, holidays, and sick time.

Because you’re based mostly in the USA, you’ll even be eligible for our well being, dental, and imaginative and prescient insurance coverage, the place we cowl 100% of the premium for you and your loved ones. No must verify your imaginative and prescient, you learn that proper—100%. (Though if you happen to did must verify your imaginative and prescient, NBD, we’ve bought you coated!)

We even have a Conventional and Roth 401(okay) choice, the place YNAB matches your contributions as much as six p.c with instant vesting. (Are you a private finance junkie like our founder Jesse? He arrange YNAB’s 401k to have the bottom price construction potential, the place all plan prices are paid by YNAB, not your retirement nest egg. The funding funds obtainable are improbable, passively-managed, extremely low-cost index funds. Not a PF junkie? Belief us, it’s superior.)

Aggressive Compensation

At YNAB, we’re devoted to offering equitable, market-driven, and data-informed compensation, together with a aggressive advantages package deal. The beginning wage for this function will vary from $120,000 – $140,000 USD yearly. (This covers a variety of potential expertise; consider it like a bell curve. Most candidates fall someplace across the midpoint.) You may even be eligible for an annual increase and profit-sharing twice a yr. When YNAB succeeds, so do you—that’s the thought.

A Few Ultimate Tidbits

When you begin, we DEMAND (in a pleasant, ALL CAPS IS YELLING method) that you just fill out your “Bucket Checklist” spreadsheet with 50 gadgets. (That’s more durable than it sounds!)
We like to have a good time with you if you full one thing in your bucket checklist—AND, we love utilizing your bucket checklist as inspiration to your birthday current!
We wish you firing on all cylinders, so we’ll set you up with a shiny new laptop and substitute it each three years.
Did we point out that YNAB makes an enormous, constructive distinction in folks’s lives? You could not suppose that issues a lot, however then a couple of months down the highway, you’ll notice it’s made your job actually, actually pleasant. Don’t underestimate this!

If this seems like your splendid setting, learn on as a result of now we need to discuss you, and the way you’ll play a giant half in altering folks’s lives.

Now again to you, our new Safety Engineer…

On this hands-on, extremely technical function, you’ll be a part of forces with Kendal to make YNAB Even Extra Safe™. (Okay, it’s not a trademark, however we felt prefer it deserved capitalization as a result of we’re simply that grateful for you two.)

Whereas Kendal is concentrated on higher-level compliance and threat administration, you’ll be targeted on technical safety implementation and safety structure help. In true workforce vogue, you’ll each share accountability for incident response and monitoring (that is the place your timezone is useful; you’ll be obtainable when Kendal just isn’t, and vice versa).

To say a bit extra about every of these:

Technical Safety Implementation

You’ll be hands-on with implementing safety controls and processes. On a day-to-day foundation, you’ll:

Configure and preserve safety tooling throughout the group, together with monitoring methods, vulnerability administration platforms, and automatic safety processes.
Implement and optimize entry controls, authentication methods, and knowledge safety measures.
Write automation scripts, analyze safety logs, and assist preserve our safety infrastructure.
Assist preserve safety requirements, tips, and finest practices.

Safety Structure Help

You’ll work with our Engineering workforce to design and implement safe methods and assist guarantee safety is constructed into our merchandise from the bottom up. To take action, you’ll:

Collaborate with engineers to combine safety into the event lifecycle by actions like safe code evaluations, risk modeling, and design consultations.
Conduct safety testing of latest options and methods, together with vulnerability assessments and safety evaluations.
Carry out safety assessments to proactively establish potential points, according to safety by design ideas.

Incident Response and Monitoring

You’ll assist monitor our safety panorama, examine potential threats, help with incident response, and contribute to our steady enchancment of safety practices. Alongside Kendal, you’ll:

Monitor safety occasions, analyze threats, and reply to safety incidents with applicable containment and remediation actions.
Help bug bounty program actions and coordinate responses to exterior safety reviews.
Analysis rising threats and preserve consciousness of safety traits related to our expertise stack.

You’re the particular person we’re searching for if:

You’re keen about constructing safe methods and defending our customers.
You’re excited to dig into the technical particulars. You thrive on fixing advanced technical issues and aren’t afraid to be taught new applied sciences.
You stability thoroughness with pragmatism—you realize when to dig deeper and when to maneuver ahead with the knowledge you’ve gotten.
You talk nicely with each technical and non-technical teammates, and revel in collaborating throughout completely different groups. You pleasure your self on being approachable and straightforward to work with.
You take pleasure in considering exterior of the field in relation to safety and compliance. Fairly than blocking progress, you think about all decisions earlier than making a choice, adapt if you obtain new data, and know the correct answer is the one which works finest for YNAB.
You’re desperate to dive deep into significant safety challenges, whereas rising your experience.

In abstract: In the event you’re technically expert, security-focused, and excited to assist hold YNAB secure… we hope you’ll apply!

Tips on how to Apply

Submit your software right here (together with what’s listed beneath) by Sunday, January twenty fifth at 11:59pm PT. Agency. It’s an actual deadline.

What to incorporate in your software:

A resume. In the event you don’t have an up to date formal resume, that’s fantastic! An off-the-cuff overview of your work historical past and training is all we’re searching for.
A canopy letter and solutions to a couple particular questions. This isn’t your typical cowl letter—skip the fluff and formalities, and simply assist us get to know you.

On web page 1: We’d love so that you can inform us a bit about your self, what drew you to work in safety, why you’re on this function at YNAB, and why you suppose you’d be an awesome match.
On web page 2 onward: Please reply these questions three:

1. Inform us a couple of time if you had been satisfied you had been proper about one thing at work, however later modified your thoughts. What swayed you? Please reply in 1-2 paragraphs.
2. How have you ever honed your craft in safety engineering, and the way do you see your self persevering with to develop your abilities sooner or later? Be at liberty to share particular methods, sources of knowledge or inspiration, and/or your normal strategy. Please reply in 1-2 paragraphs.
3. Think about you’re our Safety Engineer. You’ve simply found a probably essential vulnerability in a third-party dependency utilized in our codebase. Now it’s your job to validate the vulnerability and lift it to the engineering workforce liable for remediation. Please craft a 1-2 paragraph vulnerability report as if you’re writing on to them. (Be at liberty to make assumptions about this state of affairs to information your response.)

Suggestions:

Please be your self! ChatGPT can sit this one out.
In the event you meet our exhausting necessities and observe the appliance directions, we promise an actual human will overview your supplies.
Although we all know it’s customary in some areas, please don’t share a headshot wherever in your software supplies.
You’ll solely be capable to apply as soon as, so be certain that your solutions are ultimate earlier than you click on submit. (You can begin your software and are available again to it later.)
Maintain an eye fixed out for an e-mail from @pinpoint.e-mail titled Thanks for making use of to YNAB! This confirms your software has been acquired. In the event you don’t obtain it, please apply once more.
If we may help with an accessibility want, e-mail us at lodging@ynab.com and point out within the topic line that you just’re making use of for the Safety Engineer function. (Please notice that we will solely reply to messages associated to lodging at this e-mail.)
Lastly, please click on right here for a top level view of what this hiring course of will appear to be. It’s rigorous, however in truth, folks say it’s enjoyable!

We stay up for listening to from you!

P.S. In the event you’re not on this place proper now, however know somebody who may be, we’d admire you passing this alongside!

To use: https://weworkremotely.com/remote-jobs/ynab-humbly-confident-security-engineer

Previous articleThe Tim Ferris Present Transcripts: Steve Younger, from Tremendous Bowl MVP to Managing Billions — Corridor of Fame 49ers Quarterback on Excessive Efficiency, Reinvention, Religion, and Learn how to Mix Desires and Plans (#847)

Next articleUnlock Your Core Genius: An Built-in Path to Readability, Confidence, and Profession Stream