Astra

Build and improve release confidence systems, environment fidelity, test infrastructure, and developer productivity tools to enhance software release safety and velocity. | Requires 5+ years in software engineering, experience with distributed systems, asynchronous workflows, and building automation and testing frameworks, with a focus on reliability and operational observability. | Senior Platform Engineer, Quality Systems Location: Remote (US) Type: Full-time Experience: 5+ years About Astra Astra is a high-impact engineering team building mission-critical financial infrastructure. Our fintech platform powers payment processing, fraud detection, and financial compliance for businesses handling 100M+ in weekly transaction volume. We maintain 99.9%+ uptime, process complex cross-border payments, and coordinate with multiple third-party financial services while meeting strict regulatory requirements. The Role We’re looking for a Senior Platform Engineer, Quality Systems to build the systems that make releases safe and fast. This is a platform engineering role with a clear mandate around release confidence and developer enablement. You’ll build test infrastructure and automated workflow validation for our core payment flows, and you’ll also own adjacent platform improvements in CI, pre-production environments, and release observability. This role requires strong systems thinking, hands-on engineering, and comfort working across distributed services and asynchronous workflows (webhooks, delayed processing, external dependencies). The goal is to help the team ship more frequently with higher confidence by building high-leverage tooling and automation that becomes part of our day-to-day engineering workflow. What You'll Do Build Release Confidence Systems: Design and implement automated smoke tests and workflow validations for our most important payment flows, and integrate them into CI and release gates Improve Environment Fidelity: Make testing and staging behave more like production by improving stability, data hygiene, environment health checks, and repeatable test scenarios Develop Test Infrastructure: Build frameworks and harnesses for API and event-driven workflow testing, including partner simulations and contract checks where appropriate Enable Developer Productivity: Build internal self-service tooling and automation that reduces manual steps, improves debugging workflows, and increases engineering velocity Improve Release Observability and Documentation: Strengthen release dashboards, visibility, and documentation practices to improve triage, bug tracking, and regression prevention over time Strengthen CI and Developer Workflows: Improve CI speed and signal, reduce flaky tests, and make failures easy to debug with useful artifacts and visibility Add Operational Guardrails: Partner with engineering to define monitors, canaries, rollout strategies, and rollback patterns for higher-risk changes Close the Loop on Regressions: Turn production regressions into durable prevention by adding automated checks, checklist steps, improved documentation, or better safety rails What We're Looking For Senior Platform Engineer, Quality Systems Requirements 5+ years of software engineering experience building and operating production systems Demonstrated experience building test infrastructure, automation frameworks, CI gates, or developer productivity tooling Strong foundation in systems engineering, debugging, and designing pragmatic solutions that improve reliability and velocity Experience with distributed systems, asynchronous workflows, events, retries, and state transitions Education Bachelor's degree in Computer Science, Engineering, or related field required Technical Skills Software Engineering: Strong coding ability in Python or another backend language (we use Python 3) Test Engineering: Experience building workflow and integration tests beyond unit tests, including harnesses, fixtures, and test data strategies CI and Tooling: Experience improving CI pipelines, reducing flakiness, and increasing the signal of automated checks Cloud Infrastructure: Google Cloud Platform, or similar cloud platforms Observability: Logs, metrics, tracing, dashboards, alerting, and using observability to improve release safety Preferred Experience Fintech or High-Reliability Systems: Payments, money movement, reconciliation, risk, or compliance systems Partner Integrations: Testing and operating systems dependent on external APIs and webhooks Release Engineering: Building release gates, canaries, rollout plans, and rollback playbooks Test Environment Strategy: Experience improving staging fidelity and maintaining stable test fixtures for complex systems Why This Role Matters Direct Impact: You’ll be a big part of a small engineering team and your work will directly improve how we ship High Leverage: The tooling and automation you build will compound over time as the product and team scale Faster, Safer Releases: Help the team ship more frequently with smaller releases and higher confidence Complex Problems: Work on sophisticated workflow and reliability challenges that few engineers get to solve Team Enablement: Make it easier for engineers to build and validate changes without fear of unpredictable regressions What We Offer Competitive compensation with equity in a growing fintech company Remote-first culture with flexible working arrangements Small team, big impact - your work directly shapes our platform Professional growth - lead technical decisions and drive foundational improvements Modern tech stack - work with cutting-edge cloud technologies Mission-driven - build systems that power financial innovation Remote Work and Culture Astra is a remote-first company hiring only within the U.S. We value thoughtful collaboration, clarity, and initiative. We’re proud to be an equal opportunity employer and are committed to building a diverse and inclusive team. How to Apply We’re looking for engineers who enjoy building high-leverage systems that improve reliability and velocity. If you’re excited to own release confidence through tooling, automation, and platform improvements, we’d love to hear from you.

Supporting healthcare revenue cycle, analytics, and project management, with a focus on data and process improvement. | Experience in healthcare data analysis, project management, and familiarity with healthcare systems and operations. | About Astra Astra is building mission-critical infrastructure for moving money at scale. Our platform processes billions in annual transaction volume with 99.9%+ uptime, powering real-time transfers, bank debits, card disbursements, and complex financial compliance systems. We provide APIs and automation tools that enable businesses to move money programmatically while maintaining strict regulatory requirements. The Role As Astra’s first dedicated GRC Analyst, you will be at the center of how we build trust, scale responsibly, and operate with regulatory excellence. This is more than a traditional compliance role – it’s an opportunity to design the governance, risk, and compliance foundation that enables Astra to grow quickly while meeting the expectations of banks, enterprise customers, auditors, and regulators. You’ll own the full spectrum of GRC execution: driving SOC 1, SOC 2, PCI DSS, and ISO 27001 programs end-to-end, translating regulatory requirements into practical technical controls, building high-quality documentation and evidence, and helping teams embed security and compliance into everyday operations. You’ll partner closely with engineering and infrastructure teams to ensure controls are real, automated where possible, and aligned with how the platform actually runs. Because this is an early hire on the compliance team, you’ll have direct input into how Astra structures its audit programs, risk management processes, vendor due diligence workflows, and compliance tooling. You’ll collaborate with leaders across engineering, product, operations, and leadership to build scalable systems that reduce friction while increasing assurance and visibility. This role is perfect for someone who enjoys rolling up their sleeves to execute today while also designing durable systems for tomorrow – someone who sees compliance not as a checkbox exercise, but as a strategic advantage for building trusted financial infrastructure. What You’ll Do Audit Execution & Readiness: Own day-to-day execution of SOC 1, SOC 2, PCI DSS, and ISO 27001 readiness and audit cycles – including scoping, control testing, evidence collection, auditor coordination, and remediation tracking. Control Design & Documentation: Develop and maintain policies, procedures, risk assessments, control narratives, and supporting documentation that meet auditor expectations and scale with the business. Cross-Framework Mapping: Map controls across SOC, ISO, PCI, and NIST frameworks to identify overlap, gaps, automation opportunities, and control maturity improvements. Risk Management: Facilitate risk assessments for systems, vendors, products, and business initiatives. Maintain risk registers, mitigation plans, and executive reporting on residual risk. Engineering Partnership: Partner with engineering and infrastructure teams to translate security requirements into practical technical controls across cloud infrastructure, SDLC, access management, logging, monitoring, and incident response. Vendor Risk Management: Manage vendor security reviews, questionnaires, evidence validation, risk scoring, and ongoing monitoring for critical third parties and partners. Customer Trust & Due Diligence: Support customer security reviews, security questionnaires, and trust documentation that enable enterprise sales and bank partnerships. Continuous Compliance: Help build scalable compliance workflows, tooling, and automation to reduce manual effort and improve evidence quality as Astra grows. Metrics & Reporting: Maintain dashboards and reporting on audit status, control health, remediation progress, and risk posture for leadership. What We’re Looking For Required Experience 3–6+ years of experience in governance, risk, compliance, audit, or information security rolls. Hands-on experience supporting or leading SOC 1 and/or SOC 2 audits; experience with PCI DSS and ISO 27001 is strongly preferred. Strong working knowledge of compliance frameworks (SOC, ISO 27001, NIST CSF, PCI DSS) and how controls operate in practice. Experience working cross-functionally with engineering, product, and operations teams in a technical environment. Proven ability to build and maintain high-quality documentation, evidence, and audit artifacts. Comfort operating in fast-moving environments where priorities evolve and ambiguity is common. Ambition to structure and systems 0 to 1, and comfort in creating frameworks, templates, and playbooks that scale. Experience collaborating with Product, Sales, and Engineering teams to align on priorities and drive outcomes. Education Bachelor’s degree in Information Systems, Computer Science, Business, Risk Management, or related field (or equivalent practical experience). Preferred Experience Fintech / Payments: Experience operating in regulated environments involving payments, banking partners, PCI, or financial audits. ISO 27001: Experience supporting certification or operating within an ISO-aligned ISMS. Automation & Tooling: Experience implementing compliance tooling, evidence automation, or GRC platforms. Vendor Risk Programs: Hands-on ownership of third-party risk management workflows. Startup Environment: Experience building or scaling compliance programs in high-growth companies. Key Skills Audit Operations: Scoping, walkthroughs, evidence management, remediation tracking, auditor coordination. Control Design: Ability to translate regulatory requirements into clear, testable, and scalable controls. Risk Assessment: Experience performing system, vendor, and operational risk assessments with structured methodologies. Technical Fluency: Working understanding of cloud infrastructure, identity and access management, logging, monitoring, SDLC, and security tooling. Documentation & Writing: Strong ability to produce clear policies, procedures, narratives, and evidence artifacts. Project Management: Ability to manage multiple parallel audits, initiatives, and stakeholders while maintaining quality and deadlines. Communication: Ability to explain complex compliance concepts clearly to engineers, auditors, leadership, and external partners. Operational Rigor: Highly organized with strong attention to detail and follow-through. Why This Role Matters Trust is foundational to everything Astra builds. Our customers, bank partners, and regulators depend on the strength of our control environment, operational discipline, and risk management practices. As a GRC Analyst, your work will directly: Enable Astra to scale responsibly while maintaining strong audit outcomes and regulatory credibility. Reduce friction for engineering and product teams by building clear, pragmatic compliance processes. Support enterprise sales and partnerships by strengthening customer trust and security posture. Improve operational maturity through automation, documentation quality, and continuous improvement. This role is not just about passing audits – it’s about building durable infrastructure that allows Astra to grow faster and more confidently. What We Offer Competitive compensation with equity in a growing fintech company. Remote-first culture with flexible working arrangements Small team, big impact — your work directly supports Astra’s ability to scale responsibly Professional growth opportunities in compliance and risk management Mission-driven — build infrastructure that powers financial innovation while meeting the highest regulatory standards Remote Work and Culture Astra is a remote-first company hiring only within the U.S. We value thoughtful collaboration, clarity, and initiative. We’re proud to be an equal opportunity employer and are committed to building a diverse and inclusive team. How to Apply If you thrive on building structure, improving systems, and enabling teams to move fast while managing risk, we’d love to hear from you. Please submit: Resume highlighting relevant GRC, audit, or security experience. Brief cover letter (300 words max) answering: “Describe a compliance, audit, or risk initiative you owned end-to-end. What problem were you solving, and what impact did it have?” Optional: Sample documentation (control narrative, audit artifact, or process design) demonstrating clarity and rigor.