Chime

About the Company

Chime was created because we believe everyone can unlock financial progress, and we want to develop solutions and services to empower people to succeed. The premise upon which we started Chime is simple: basic banking services should be helpful, transparent, and easy. Our easy-to-use tools and intuitive platforms give members the ability to have more control over their money and to take action toward achieving their financial ambitions.

By designing a member-centric banking app with easy-to-understand financial tools, we're creating a more competitive market with options for everyday Americans. We offer access to accounts with no overdraft fees, provide members the chance to receive their pay up to 2 days early* with direct deposit, help them build credit history, and build financial literacy to hit their goals--among many other things.

Since 2012, we've grown our team to more than 1300 Chimers across 3 offices. But more than that, we've expanded the products and services we offer to our members based on member feedback. And in doing so, we've disrupted the banking industry and changed the conversation for everyday people about money on a national level.

Chime is a financial technology company, not a bank. Banking services are provided by The Bancorp Bank, N.A. or Stride Bank, N.A., Members FDIC.

*Early access to direct deposit funds depends on the timing of the submission of the payment file from the payer. We generally make these funds available on the day the payment file is received, which may be up to 2 days earlier than the scheduled payment date.

Listed Jobs

Company Name

Chime

Job Title

Senior Application Security Engineer

Job Description

Job title: Senior Application Security Engineer Role Summary: Lead security for mobile (iOS/Android) and backend/API systems. Conduct code, architecture, and penetration reviews. Drive secure design early in the product lifecycle. Automate security workflows, including AI‑enabled triage and threat modeling. Collaborate with engineering and product teams to embed security without delaying delivery. Expactations: • Build and refine security capabilities and guardrails for mobile and backend services. • Conduct application and API penetration testing and vulnerability triage. • Perform secure architecture and code reviews across iOS, Android, APIs, and backend services. • Leverage AI to accelerate security practices (e.g., code analysis, triage, threat modeling). • Communicate risks, trade‑offs, and remediation guidance to engineering partners. • Partner with engineering teams to embed security into the development lifecycle. Key Responsibilities: 1. Review and influence secure design decisions for mobile and backend architectures. 2. Perform static and dynamic mobile security testing, including penetration tests on production builds. 3. Identify, triage, and coordinate remediation of vulnerabilities across all product lines. 4. Implement automation and guardrails in CI/CD pipelines for security checks. 5. Use AI tools to support code reviews, threat modeling, and vulnerability triage. 6. Produce risk and threat reports, and recommend mitigations. 7. Stay current with mobile threat models, platform security features, and attack techniques. Required Skills: • 5+ years in application security, covering mobile and backend systems. • Hands‑on expertise securing iOS and Android in production. • Proficiency in static and dynamic mobile security testing techniques. • Deep understanding of mobile threat models, attack vectors, and platform security features/limitations. • Practical coding experience in Ruby, Go, or Python. • Experience with secure data storage, authentication, authorization, secure communication, and session/token handling. • Strong communication skills for explaining risks and remediation to engineering partners. Required Education & Certifications: • Bachelor’s degree in Computer Science, Cybersecurity, or related field (preferred). • Relevant security certifications (e.g., CISSP, GIAC, OSCP, or equivalent) are advantageous.

San francisco, United states

Hybrid

Senior

16-03-2026

Company Name

Chime

Job Title

Lead Analyst, Security

Job Description

**Job title:** Lead Analyst, Security **Role Summary:** Lead a Security Operations Center (SOC) team, orchestrating incident detection, investigation, and response for network, host, and cloud environments. Drive the continuous improvement of security posture, threat intelligence, and IR capabilities while coordinating with engineering, fraud, and other cross‑functional stakeholders. **Expectations:** - Serve as a technical leader for the SOC, managing day‑to‑day operations and escalation. - Execute incident response, root‑cause analysis, and recovery actions. - Mentor and develop junior analysts. - Contribute to program, policy, and tool enhancements. - Collaborate on security objectives and OKRs. **Key Responsibilities:** - Monitor and analyze security events across on‑premises and cloud infrastructure. - Investigate alerts using SIEM, endpoint detection, and threat intelligence platforms. - Perform digital forensics, malware analysis, and incident triage. - Coordinate response actions, containment, eradication, and recovery. - Conduct threat hunting to identify adversary tactics, techniques, and procedures. - Document findings, playbooks, and post‑mortems. - Engage in red/blue/purple teaming and penetration testing exercises. - Liaise with engineering, product, and fraud teams to remediate vulnerabilities. - Maintain and evolve incident response frameworks (MITRE ATT&CK, Cyber Kill Chain, NIST). - Support policy development and compliance initiatives. **Required Skills:** - 6+ years of cybersecurity experience, 4+ years in SOC/CSIRT environments. - Proficiency with SIEM, SOAR, endpoint detection & response tools. - Strong knowledge of network and host security, cloud security (IAM, VPC, Container). - Hands‑on threat hunting, incident investigation, and digital forensics. - Familiarity with MITRE ATT&CK, NIST, Cyber Kill Chain. - Experience with network devices (routers, switches, firewalls) and cloud architectures. - Excellent communication, teamwork, and mentoring abilities. - Ability to manage multiple priorities and adapt to evolving threats. **Required Education & Certifications:** - Bachelor’s degree in Computer Science, Cybersecurity, Information Assurance, or related field. - Certifications preferred: CISSP, CISM, GCIH, GIAC Security Analyst (GSEC), or equivalent. - Cloud security certifications (AWS SysOps, Azure Security, GCP Security) are a plus.

San francisco, United states

Hybrid

Senior

17-03-2026