StaffSecurityEngineer

About Collective: Collective is on a mission to redefine the way businesses-of-one work. Our technology and team of trusted advisors help members achieve financial independence by taking care of everything from business incorporation to accounting, bookkeeping, tax services, and access to a thriving community, all in one integrated platform. We believe in empowering self-employed people to enjoy the same tax savings that big companies get, so they can focus on their passion, not paperwork. Featured in Forbes, Business Insider, Yahoo, Bloomberg, Financial Times, TechCrunch, and more. We are backed by General Catalyst, Sound Ventures (Ashton Kutcher and Guy Oseary), QED Investors, Google’s Gradient Ventures, Expa, and other investors who have financed iconic companies like YouTube, Substack, Twitch, Box, Hims, Instacart, and Lyft. About the role: We're hiring a Staff Security Engineer to own the security of Collective's member platform end to end — from how code is written and tested to how data is protected and how our systems authenticate. This is a senior individual contributor role with broad product-security scope: you'll embed security into the development lifecycle, lead threat modeling and security reviews across the platform, and own the authentication, authorization, and compliance systems that keep our members' financial and tax data trustworthy. As Collective expands its use of AI and agent-based workflows, you'll shape how those systems authenticate and operate securely. You'll work closely with Engineering, Product, and Legal to make security a first-class property of everything we ship — without slowing the team down. What you'll do:  - Own the end-to-end authentication and authorization architecture across Collective's member platform, including session management, role-based access control, and the emerging patterns needed to secure agent-based workflows and service-to-service communication. - Drive CCPA compliance across the platform, partnering with