Software Engineer, Security at Gusto

| San Francisco
Sorry, this job was removed at 4:15 a.m. (PST) on Friday, May 1, 2020
Find out who's hiring in San Francisco.
See all Developer + Engineer jobs in San Francisco
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
About Gusto
Gusto is a modern, online people platform that helps small businesses take care of their teams. On top of full-service payroll, Gusto offers health insurance, 401(k)s, expert HR, and team management tools. Today, Gusto offices in Denver, San Francisco, and New York serve more than 100,000 businesses nationwide.
Our Payroll, Benefits, and HR software suite allows small businesses to move faster and gives them peace of mind about back-office tasks in their business.

We’re looking for talented and motivated application security engineers with 7+ years of experience. As part of our AppSec team, you will build tools that will help our product engineers effortlessly write code that keeps our customers’ information secure. If you’re interested in building secure software with far-reaching effects in our modern economy, join us!

Gusto processes billions of dollars in payroll for hundreds of thousands of employees. Additionally, our clients trust us with a huge amount of personally identifiable information (PII) and protected health information (PHI). Our customers put a lot of trust in us to be good stewards of this information. As a result, protecting our clients’ PII and PHI is one of the top considerations in anything we do at Gusto.

Here’s what you’ll do day-to-day:

  • Work with our product engineers to keep our web applications secure.
  • Develop easy-to-use tools and light-weight processes that will help our engineers seamlessly write secure code.
  • Be involved early in the software development life cycle so that security is built into our architecture.
  • Train engineering teams in secure coding best practices.
  • Research the latest threats and exploits and help our engineers secure the product against those threats.
  • Automate and integrate security into CI/CD pipelines, such as static code analysis and dynamic code analysis.
  • Run internal red team exercises.
  • Coordinate and manage 3rd party pen-testers and bug bounty programs.
  • Ensure proper management, encryption, and separation of secrets and keys.
  • Share our security learnings and best practices with the outside world, so we can make the world more secure.

Here’s what we’re looking for:

  • 7+ years experience in an application security role.
  • Familiarity with cloud environments like AWS.
  • Familiarity with dynamic languages and modern web development frameworks. We use Ruby, Javascript, Rails, and React.
  • A hands-on engineer who cares deeply about both the technological and social aspects of building a secure organization
  • Ability to partner well with cross-functional stakeholders.
  • Always thinking about attack vectors in which PII and PHI can be compromised.
  • Relevant security certifications (OSCP, CEH, GPEN, CISSP, etc.) are a plus.

Learn more about the team:

  • Our Engineering Culture and Values
  • How We Built a Service-Driven Team
  • Our Diversity Goals and Efforts

Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger. If you share our values and our enthusiasm for small businesses, you will find a home at Gusto.

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
    • JavascriptLanguages
    • RubyLanguages
    • ReactLibraries
    • ReduxLibraries
    • Ruby on RailsFrameworks


The Dogpatch is a neighborhood filled with a strong sense of community and an abundance of bustling bars, restaurants, and businesses.

What are Gusto Perks + Benefits

Volunteer in local community
Friends outside of work
Eat lunch together
Pair programming
Open office floor plan
Dedicated Diversity/Inclusion Staff
Unconscious bias training
Someone's primary function is managing the company’s diversity and inclusion initiatives
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Retirement & Stock Options Benefits
Company Equity
Child Care & Parental Leave Benefits
Child Care Benefits
Generous Parental Leave
Family Medical Leave
Vacation & Time Off Benefits
Generous PTO
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Free Daily Meals
Stocked Kitchen
Happy Hours
Relocation Assistance
Fitness Subsidies
Professional Development Benefits
Diversity Program
More Jobs at Gusto8 open jobs
All Jobs
Data + Analytics
Design + UX
Dev + Engineer
Design + UX
San Francisco
Data + Analytics
San Francisco
Design + UX
San Francisco
San Francisco
San Francisco
San Francisco
San Francisco
San Francisco
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Gusto's full profileSee more Gusto jobs