Senior Lead Security Engineer – Bot Management

Best Egg is a market-leading, tech-enabled financial platform helping people build financial confidence through a variety of installment lending solutions and financial health tools. We aim to help customers make smart financial decisions and stay on track, so they can be money confident no matter what life throws at them.

We offer top-tier benefits and growth opportunities in a culture built on our core values:

Put People First – We foster an inclusive, flexible, and fun workplace.

Create Clarity – Open communication drives trust and results.

Get Things Done – We focus, prioritize, and deliver with excellence.

Deliver with Heart – We lead with kindness, humility, and strong teamwork.

Listen to Our Customers – Their needs drive our innovation.

Barclays has entered into an agreement to acquire Best Egg with closing expected to take place in Q2 2026. This acquisition will give us the resources and capital to continue on our mission and drive our strategy forward. With an aligned culture, lower cost of funds, and increased employee growth opportunities across a global brand, we are excited about the future of the Best Egg brand under the Barclays umbrella.

We are looking for collaborative, innovative team players who like to solve problems. There will also be immense opportunities for those willing to dive in. If you're inspired by growth and want to make a real difference, Best Egg is the place for you.

 We’re proud to be an equal opportunity employer committed to building a diverse, inclusive team.

The Senior Lead Security Engineer – Bot Management is a key member of the Information Security organization responsible for developing, deploying, and maturing Best Egg’s enterprise bot-mitigation and service-abuse prevention strategy. This role leads the engineering and cross-functional coordination required to protect customer-facing channels and backend services from automated abuse, fraudulent activity, and system-degrading traffic, while contributing to long-term resiliency and service stability.

This position is well-suited for experienced security, fraud, or application engineers who have worked with high-scale web systems and are seeking to specialize in bot mitigation and automated-abuse prevention. While direct bot-management experience is valuable, it is not required; success in this role is driven by strong engineering fundamentals, analytical ability, and the capacity to lead complex, cross-functional efforts.

• Design, deploy, and optimize bot-mitigation and service-abuse controls, including WAF configurations, rate limiting, behavioral/velocity checks, challenge/attestation frameworks (e.g., Cloudflare Turnstile), device-telemetry validation, and API/form hardening.
• Develop and maintain automated detection capabilities leveraging IP/ASN intelligence, identity patterns, traffic analytics, and anomalous behavior models.
• Lead bot-related incident response activities, including triage, containment, root-cause analysis, and long-term remediation planning to support platform stability and operational continuity.
• Partner closely with Engineering, DevSecOps, Fraud Strategy, Fraud Operations, Data, and Product teams to integrate preventive and detective controls across the customer funnel.
• Drive the long-term bot-mitigation roadmap and capability vision in partnership with Engineering, Product, Fraud, Data, and DevOps, ensuring alignment with enterprise risk-reduction, platform resiliency, and operational efficiency goals.
• Establish monitoring, reporting, and multi-signal decisioning (signal-fusion) mechanisms to provide visibility into bot activity, control effectiveness, system performance impacts, and operational risk indicators.
• Evaluate new tools, technologies, and techniques related to bot detection, behavioral analytics, device attestation, signal fusion, and automated-abuse prevention; develop recommendations based on threat trends, performance considerations, and business requirements.
• Produce architectural documentation, detection logic specifications, technical standards, and operational runbooks that support scalable and repeatable defense capabilities.
• Guide engineering teams in embedding resilient security patterns into web and API designs and influencing product flows to reduce automated-abuse exposure.
• Mentor team members and contribute to the broader security engineering and service-abuse management knowledge base.

• Bachelor’s Degree in Information Security, Computer Science, Engineering, or equivalent work experience.
• 5+ years of experience in Security Engineering, Application Security, Detection Engineering, or Fraud/Abuse/Risk Engineering.
• Strong understanding of web architecture, microservices, RESTful APIs, and common automation-abuse vectors.
• Experience with WAF/CDN platforms, API security, or cloud-native security constructs (AWS preferred).
• Ability to analyze high-volume web data to identify automated, anomalous, or abusive patterns.
• Familiarity with automation or scripting languages (e.g., Python) for detection logic, data analysis, or security-control deployment.
• Experience with CI/CD processes, infrastructure-as-code, and security automation tools is a plus.
• Demonstrated ability to produce high-quality technical documentation, architectural diagrams, and detection logic specifications.

• Proven ability to lead complex cross-functional initiatives involving Engineering, DevOps, Product, Data, and Fraud teams.
• Comfortable interpreting, validating, and challenging business and technical requirements related to service-abuse prevention and automated-traffic protection.
• Ability to clearly communicate technical concepts, risk implications, emerging trends, and recommended actions to stakeholders at all levels.
• Demonstrated experience influencing engineering architecture, operational processes, and product decisions to strengthen security controls and system resiliency.
• Strong organizational skills, capable of driving multi-team execution while maintaining clarity of priorities and timelines.
• Ability to coach and mentor team members and contribute to the maturity of the broader security engineering function.

• Advocates for Agile methodologies, iterative improvement, and cross-functional collaboration.
• Effective operating in a fast-paced environment emphasizing shared ownership, service reliability, and partnership across disciplines.
• Committed to continuous learning and staying current with emerging threats, automation techniques, bot-evasion tactics, and advancements in bot-mitigation technologies.
• Able to challenge assumptions constructively and support consensus-driven decision-making.
• Values knowledge sharing and contributes to organizational capability-building.
• Works effectively both independently and as part of a team.
• Excellent written and verbal communication skills.

Employee Benefits

Best Egg offers many additional benefits for our employees, including (but not limited to):

·       Pre-tax and post-tax retirement savings plans with a competitive company matching

program

·       Generous paid time-off plans including vacation, personal/sick time, paid short--

term and long-term disability leaves, paid parental leave, and paid company

holidays

·       Multiple health care plans to choose from, including dental and vision options

·       Flexible Spending Plans for Health Care, Dependent Care, and Health

Reimbursement Accounts

·       Company-paid benefits such as life insurance, wellness platforms, employee

assistance programs, and Health Advocate programs

·       Other great discounted benefits include identity theft protection, pet insurance,

fitness center reimbursements, and many more!

#LI-REMOTE

In compliance with the CCPA, Best Egg is fully committed to handling the personal information and data of employees and job applications responsibly with respect and due care. Review our CCPA Employee Policy  here