Senior Security Operations Engineer

About Gusto

Gusto is a modern, online people platform that helps small businesses take care of their teams. On top of full-service payroll, Gusto offers health insurance, 401(k)s, expert HR, and team management tools. Today, Gusto offices in Denver, San Francisco, and New York serve more than 400,000 businesses nationwide.

Our mission is to create a world where work empowers a better life, and it starts right here at Gusto. That’s why we’re committed to building a collaborative and inclusive workplace, both physically and virtually. Learn more about our Total Rewards philosophy .

The Security Operations team at Gusto plays a critical leadership role in fortifying Gusto and our customers against the most sophisticated threats, encompassing phishing attacks, insider risks, data loss, and emerging attack techniques. Our distributed team across Eastern and Pacific time zones strategically designs, implements, and optimizes our monitoring and response capabilities, ensuring proactive and impactful threat detection and mitigation across the organization.

We are seeking a highly experienced and influential Security Engineer with 8+ years of demonstrable experience to lead and significantly contribute to advanced security operations and comprehensive vulnerability management initiatives. In this pivotal role, you will drive strategic enhancements within our Vulnerability Management Program and spearhead critical security operations efforts. Your deep expertise in AWS cloud environments, proven ability to lead incident response investigations, and strong proficiency in Python scripting will be essential as you collaborate and influence multiple areas of the company. This is an exceptional opportunity to shape Gusto's security posture and mentor other engineers in a dynamic and high-impact setting.

Here’s what you’ll do day-to-day :

• Security Monitoring & Detection Engineering : Lead the strategy and execution of our real-time security monitoring capabilities. Architect, build, and fine-tune high-fidelity detections, with a strong focus on our AWS environment. Develop and implement improvements to group-level incident response processes, practices, and tools.
• AWS Security Configuration & Automation : Drive the continuous improvement and hardening of our AWS security posture. Architect, deploy, and continuously enhance advanced security tools such as SIEM, EDR, DLP, and security orchestration and automation platforms, influencing their adoption and effectiveness beyond the immediate team. Actively model and configure AWS services (e.g., GuardDuty, Security Hub, AWS WAF) to align with best practices.
• Security Operations Tooling & Automation : Design, develop, and implement robust automation frameworks and tools using Python and SOAR tools to significantly improve security operations efficiency, response times, and overall security posture across the organization. This includes creating automated responses to common alerts and integrating various security signals into a cohesive view.
• Incident Response & Threat Hunting : Drive critical security incident response efforts, including complex root cause analysis and proactive remediation planning across multiple teams. Proactively hunt for threats within our AWS and corporate environments by developing hypotheses based on threat intelligence and analyzing logs from various sources.
• Cross-functional Security Leadership : Act as a principal security advisor to internal users and engineering teams, proactively strengthening and evangelizing Gusto’s security culture and secure coding practices. Provide expert guidance on secure AWS architecture and lead the implementation of security controls within CI / CD pipelines.

Participate in the on-call rotation :

Here’s what we're looking for :

Minimum Requirements :

Preferred Qualifications :

Our cash compensation amount for this role is targeted at $168,000-188,000 in Denver, $204,000-228,000 in New York, Seattle, and San Francisco Bay Area, and $136,000-152,000 CAD in Toronto, CAN. Stock equity is additional. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above.

Gusto has physical office spaces in Denver, San Francisco, and New York City. Employees who are based in those locations will be expected to work from the office on designated days approximately 2-3 days per week (or more depending on role). The same office expectations apply to all Symmetry roles, Gusto's subsidiary, whose physical office is in Scottsdale.

Note : The San Francisco office expectations encompass both the San Francisco and San Jose metro areas.

When approved to work from a location other than a Gusto office, a secure, reliable, and consistent internet connection is required.

Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger. If you share our values and our enthusiasm for small businesses, you will find a home at Gusto.

Gusto is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex (including pregnancy, childbirth, or related medical conditions), marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other applicable legally protected characteristic. Gusto considers qualified applicants with criminal histories, consistent with applicable federal, state and local law. Gusto is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. We want to see our candidates perform to the best of their ability. If you require a medical or religious accommodation at any time throughout your candidate journey, please fill out this form and a member of our team will get in touch with you.

Gusto takes security and protection of your personal information very seriously. Please review our Fraudulent Activity Disclaimer .

Personal information collected and processed as part of your Gusto application will be subject to Gusto's Applicant Privacy Notice .

#J-18808-Ljbffr