Founding Payments Engineer

About CentscapeCentscape is a consumer app that helps people save toward the things they actually want — universal wishlists, price tracking, and automatic saving toward their goals. The product is live, and we're now building out the payments and ledger systems beneath it.The roleYou'll own the money layer: the systems that move and track user funds from their bank to the balance they see in the app, and the redemption that turns saved balances into the things people are saving for. This is the highest-trust engineering seat on the team. The ledger is the heart of the company's integrity — if it's even slightly wrong, real money ends up in the wrong place — so this role is as much about rigor and judgment as it is about code.What you'll ownThe ledger — the source of truthDouble-entry, append-only, immutable; balances derived from posted entries, not mutable fieldsMoney in exact minor units (never floats); idempotent postings so retries can't double-countStrong transactional and concurrency guarantees — no double-spend, no racesA clear money state machine (pending → settled → spendable), every entry traceable to its source eventReconciliation — continuous and automatedDaily tie-out of the ledger against external truth (bank/processor settlement, partner reports, redemption records)Break detection and alerting the moment a discrepancy appearsTooling and runbooks to investigate and resolve breaksA standing invariant: total funds = user balances + in-flight + fees, alwaysSecurity of the money layerEncryption in transit and at rest; tokenized bank details, no raw credentials storedSecrets in a managed vault/KMS with rotation; least-privilege access and segregation of dutiesFull audit logging of every money-affecting actionFraud/abuse defense: webhook signature verification, replay protection, rate limiting, anomaly detectionSecure SDLC and threat-modeling of the flowsThe money serviceOrchestrates recurring bank-funded deposits and round-ups under each user's standing authorizationHandles the hard parts: settlement timing, returns/reversals, retries, dead-letter handling, end-to-end idempotencyWebhook processing that stays correct under duplicate and out-of-order deliveryRedemption and partner integrationIntegrate payment and redemption partners; reconcile what's issued against what's fundedTechnical lead in partner onboardingCompliance implementationBuild the requirements our compliance function defines into the ledger and flowsCore skills & systemsLanguages: strong in Go (our backend) or an equivalent typed language you can move from; fluent SQL.Data: deep with a transactional relational database (Postgres or similar) — ledger schema design, isolation levels, locking, and transactional integrity; comfort with event-sourced / append-only designs.Async & distributed systems: queues / event streams for webhook and settlement processing; idempotency keys, exactly-once-style processing, sagas, retries, and dead-letter queues.APIs & integration: designing and consuming REST and webhook APIs; integrating third-party financial/payment APIs.Observability: logging, metrics, tracing, and alerting built specifically around money flows and reconciliation breaks.Testing: rigorous testing of money logic — property-based tests and simulation of failure modes (reversals, partial failures, duplicate events).Practices: secure SDLC, disciplined code review on money paths, and solid CI/CD.Must-havesYou've shipped production systems that move real money (payments, banking, lending, payroll, or marketplaces) and owned their correctness end to end.You've designed or operated a double-entry ledger and can reason about balance integrity, idempotent posting, and concurrency.You've built or owned reconciliation against external financial data, and can walk us through a real break you caught, diagnosed, and fixed.Real familiarity with bank / ACH rails and their failure modes — returns, reversals, settlement timing.Strong instincts for securing financial systems — data protection, access control, audit logging, and fraud/abuse defense.Fluency in idempotency, webhooks, eventual consistency, and designing for partial failure.A correctness-and-security temperament — you hold the line on edge cases before shipping, and you mean it.Nice-to-havesExperience with a pay-by-bank / ACH provider.Prepaid, gift-card, or stored-value background.Exposure to compliance / audit frameworks (SOC 2, PCI) or building toward them.Built reconciliation or ledger tooling as a real product surface.CompensationFounding-level equity plus a salary appropriate to an early-stage company. Happy to discuss specifics early in the process.