Staff Security Engineer

Order.co is the System of Action for the Office of the CFO transforming the way businesses purchase and pay into an intuitive B2C-like shopping experience. Order.co leverages embedded AI agents and embedded financial products to reinvent the way businesses connect with their vendors. 

End users enjoy a seamless zero-training buying experience while finance and procurement leaders gain a single platform to orchestrate how the business “should operate”. The result is an all-in-one solution that serves as a gravitational pull for spend and data automating and eliminating procurement and finance workflows from requisition to reconciliation along the way.

Order.co is on the cutting edge of B2B Agentic Commerce poised to be the market leader in creating a more predictive prescriptive and personalized experience for users. 

Founded in 2016 and headquartered in New York City Order.co oversees nearly half a billion in annualized spend across hundreds of customers like WeWork SoulCycle Lume and [solidcore]. Order.co has raised $75M in funding from industry-leading investors like MIT Stage 2 Capital Rally Ventures 645 Ventures and more. Order.co has been proudly named a 50 to Watch by Spend Matters and a Best Place to Work by BuiltIn and Inc. Magazine.

Own technical direction and execution of security initiatives that protect company data and improve systems security driving impact across multiple teams or systems. At this level your scope is cross-team. You set the security architecture others build against lead complex initiatives and develop senior engineers toward the next level.

• Own Platform team-level architectural security decisions; research design and own security frameworks evolution paths and technical debt strategy while others build against your direction
• Lead and contribute to large complex security initiatives; decompose work coordinate execution and surface risks before they become incidents
• Proactively detect and remediate security vulnerabilities with discernment using AI tooling as an accelerant while applying rigorous judgment on correctness and risk
• Champion security standards testing patterns and observability; driving improvements in security beyond your immediate team by embedding security in the software development lifecycle and infrastructure changes
• Mentor senior engineers toward Staff-level behaviors; your impact compounds through the engineers you develop not just the code you write
• Align multiple teams on security strategy; translate business goals into secure system design and represent security strategy in organizational discussions

• You measure success by the team's security posture and system health not your own contributions alone
• You self-direct technical improvement work beyond the product roadmap. You identify what needs to change and drive it without waiting to be asked
• You develop others. Your presence makes engineers around you more effective and higher-scope
• You've owned production systems at scale and made security trade-offs under real constraints
• Proficiency in Ruby on Rails and PostgreSQL including understanding the framework's security tools (Active Record encryption CSP sanitization asynchronous background processing).
• Hands-on security experience with AWS infrastructure as code and CI/CD at scale
• Expert-level knowledge of network security operating systems (Linux) and cloud platforms
• Experience with NIST ISO27001 CIS MITRE ATT&CK CSA CCM SOC2 GDPR frameworks
• Strong track record with cloud security API security secure software development threat modeling identity and access management network segmentation vulnerability management incident response and compliance-driven security controls

Shadow tech lead everywhere — takes over instead of enabling others. Ivory tower architect — designs without accounting for implementation reality. Invisible impact — does good work but doesn't communicate or scale it. Super coder bottleneck — writes all critical code instead of growing others who can.

Round

Format

What We Evaluate

1 — Hiring Manager Screen

60 min conversational

Career trajectory mentorship philosophy cross-team influence examples communication style

2 — Secure System Design Case Study

60 min live discussion

Cross-team scope architecture trade-offs technical debt strategy AI-augmented design segment

3 — Live Coding Exercise + AI Proficiency

60 min live coding

Navigating unfamiliar code root-cause debugging code quality judgment AI tool usage

4 — Team Interview

2 × 45 min

Collaboration engineering development multi-team initiative narrative

5 — Culture Add

30 min People Team

Organizational values alignment

AI coding assistants are allowed in Rounds 2 and 3. We observe how you use them not whether you use them.

• Competitive compensation including base salary bonus and equity
• Employer-sponsored 401(k) with match
• Comprehensive medical dental and vision coverage
• Flexible time off and hybrid work environment

The anticipated annual salary range for this role is $180000 - $220000. Actual compensation and title will be commensurate with experience qualifications knowledge and skills.

What We Do

Our strength has always been our unique edge: transforming how businesses connect with vendors through our marketplace. We're not just improving workflows - we're redefining how procurement operations accounting and payments come together to drive efficiency and innovation. Every step - requisition approval payment and reconciliation - is curated and automated to make purchasing across all your vendors locations and teams as easy as purchasing for your personal lives. Founded in 2016 and headquartered in New York City Order.co oversees nearly half a billion dollars in annualized spend across hundreds of customers like WeWork SoulCycle and Lume. Order.co has raised $70M+ in funding from industry-leading investors like MIT Stage 2 Capital Rally Ventures 645 Ventures and more. Order.co has been proudly named as a 50 to Watch by Spend Matters and a Best Place to Work by BuiltIn and Inc. Magazine.

Why Work With Us

With our core values as our North star Order.co and its team work tirelessly to foster an inclusive psychologically safe environment where team members are empowered to do their best work. We pride ourselves on solving hard problems in order with humility and most importantly together.

Gallery