Product Security Software Engineer
Remote
About Gusto
Gusto is a modern, online people platform that helps small businesses take care of their teams. On top of full-service payroll, Gusto offers health insurance, 401(k)s, expert HR, and team management tools. Today, Gusto offices in Denver, San Francisco, and New York serve more than 200,000 businesses nationwide.
Our mission is to create a world where work empowers a better life, and it starts right here at Gusto. That’s why we’re committed to building a collaborative and inclusive workplace, both physically and virtually. Learn more about our Total Rewards philosophy.
About the Role
We are looking for a senior software engineer to join our Product Security Engineering team. Our team has the unique opportunity to prioritize bold engineering projects across the company to better protect our customers.
The Product Security team helps Gusto move faster, securely. We’re a team of engineers who work to enable other teams to build products as quickly as possible while continuing to protect our customers. We help developers ship secure code by building security tools and services, providing security training and expertise, and advocating for best practices in authentication, authorization, and safe data handling across the company.
Here’s what you’ll do day-to-day:
- Bolster security in core systems such as authentication, authorization, sensitive data storage, API design, and more.
- Build software to keep our customers and company safe and secure.
- Work on impactful engineering problems across Gusto.
- Maintain high uptime for core services.
- Provide leadership in promoting security and software engineering excellence.
Here’s what we're looking for:
- 8+ years of experience building software.
- Experience building high-availability distributed systems and services.
- Experience with managing AWS cloud infrastructure (EC2, RDS, S3, VPCs)
- Experience with and understanding of authorization strategies such as role-based authorization and attribute-based authorization.
- Experience with applied cryptography - envelope encryption, AEAD, ECDSA.Experience with Kotlin or Java with a desire to learn server-side Kotlin.
- Experience with any of these technologies is a plus: Open Policy Agent, GraphQL, gRPC, Google Tink, Kubernetes, Terraform, Traefik, Vert.x.
- Previous experience in a security-related role is a plus.
- We mainly use Ruby, Kotlin, and JavaScript/Typescript.
Our cash compensation range for this role is $182,000/yr to $244,000/yr in Denver & most remote locations, and $234,000/yr to $268,000/yr in San Francisco & New York. Final offer amounts are determined by multiple factors, including candidate experience and expertise, and may vary from the amounts listed above.
Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger. If you share our values and our enthusiasm for small businesses, you will find a home at Gusto.
Gusto is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex (including pregnancy, childbirth, or related medical conditions), marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other applicable legally protected characteristic. Gusto considers qualified applicants with criminal histories, consistent with applicable federal, state and local law. Gusto is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at accommodations@gusto.com.
Tags: APIs AWS Cloud Cryptography EC2 ECDSA Encryption Java JavaScript Kotlin Kubernetes Product security Ruby S3 Terraform TypeScript
Perks/benefits: Insurance
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs