Senior Software Engineer, Product Security

Senior Software Engineer, Product Security at Carta

Carta is seeking a Senior Software Engineer, Product Security to help build secure software across our product platform. In this role you will collaborate with product, engineering and security teams to design, implement, and validate security controls, perform threat modeling, conduct secure code reviews, and support incident response and vulnerability management.

What you’ll do

• Lead secure software development practices across Carta's products and engineering teams.
• Perform threat modeling, secure design reviews, and security testing (static/dynamic analysis).
• Develop and maintain security tooling and processes to speed secure delivery.
• Collaborate with product managers and engineers to embed security early in the product lifecycle.
• Respond to security incidents, reproduce issues, and drive remediation with cross-functional teams.

What we're looking for

• 5+ years of experience in software security or security engineering.
• Strong knowledge of secure SDLC, threat modeling, and risk assessment.
• Proficiency in at least one programming language commonly used in web services (e.g., Python, Java, Go, JavaScript).
• Experience with cloud environments (e.g., AWS) and security tooling (SAST/DAST, dependency checking).
• Excellent collaboration and communication skills to work with product and engineering teams.

Nice-to-have

• Industry security certifications or prior exposure to fintech domain.
• Experience with incident response, vulnerability management, and governance programs.

About Carta

Carta is a leading fintech company focused on equity management, cap tables, and ownership solutions for private companies and investors.