Software Engineer, Security
We’re looking for an engineer who has a passion for building tools to make things more secure. As an engineer on our Security Engineering team, you'll work with our Security, Compliance, Risk, and other Engineering teams to build tools that will make Gusto more secure. We believe that creativity is key to staying one-step ahead of the bad guys. As such, you’ll think of creative things to build to make our web application more secure for our customers and our corporate environment more secure for our employees.
To be successful in this role, you’ll have a strong engineering background, understand web and non-web technologies, and know common attack vectors that bad guys use to gain access to very sensitive personal information and money. Gusto processes billions of dollars in payroll every month. Additionally, our clients trust us with a huge amount of personally identifiable information (PII) and protected health information (PHI), including customers’ SSNs, EINs, salaries, home addresses, and more. Our business is largely built on trust. As a result, protecting our clients’ PII and PHI is one of the top considerations in anything we do at Gusto.
Here’s what you’ll do day-to-day:
- Make security easier for engineers by giving them easy-to-use tools and building security services that they can use.
- Automate finding vulnerabilities. For example through improving our custom static and dynamic code analysis.
- Improving data security through use of encryption/key management, segregation, or other techniques
- Write tools that assist with threat hunting and finding IOCs (indicators of compromise).
- Write custom alerting of suspicious activity in our web application and corporate environment.
- Develop any security tools that we can’t buy or license.
- Think of creative ways to detect and mitigate attackers.
- Work closely with our legal, risk, and compliance team to build tools that help enforce our security policies.
- Find ways to make our security team more effective and efficient.
- Creating safer ways for engineers have console access to virtual machines when absolutely necessary.
- Work closely with our product engineering and IT teams to ensure that the right processes and tools are being used to develop code with minimal security vulnerabilities.
Here’s what we’re looking for:
- 2+ years of experience in an software engineering role
- Ability to partner closely with cross-functional internal stakeholders, like IT, compliance, HR, and legal teams
- Someone who is always thinking about attack vectors in which PII and PHI can be compromised
- Familiarity with AWS
- Passion for engineering best practices such as code quality and automated testing
- Comfort and experience with building and working with APIs
- Comfort and experience with debugging production systems
- Successful track record building distributed, high-throughput applications that scale
- Highly collaborative mindset
- Bonus: Experience with Ruby on Rails and Javascript
Learn more about the team:
- Our Engineering Culture and Values
- How We Built a Service-Driven Team
- Our Diversity Goals and Efforts
About Gusto
Our customers come from all walks of life and so do we. We hire people from a wide variety of backgrounds, not just because it’s the right thing to do, but because it makes our company stronger. If you share our values and our enthusiasm for small businesses, you will find a home at Gusto.
Gusto’s mission is to create a world where work empowers a better life. By making complicated, impersonal business tasks simple and personal, Gusto is reimagining HR, payroll, and benefits for over 60,000 companies nationwide. Gusto has offices in San Francisco and Denver and the company’s investors include Google Capital, General Catalyst, Kleiner Perkins Caufield & Byers, as well as the founders of Instagram, Stripe, Nest, PayPal, Yelp, Dropbox, and Eventbrite, among others.