Principal Security Engineer

About Gusto

Gusto is a modern, online people platform that helps small businesses take care of their teams. On top of full-service payroll, Gusto offers health insurance, 401(k)s, expert HR, and team management tools.

Today, Gusto offices in Denver, San Francisco, and New York serve more than 300,000 businesses nationwide.

Our mission is to create a world where work empowers a better life, and it starts right here at Gusto. That’s why we’re committed to building a collaborative and inclusive workplace, both physically and virtually.

Learn more about our .

About the Role

We are looking for a Principal Software Engineer to join our Product Security Engineering team. Our team has the unique opportunity to prioritize bold engineering projects across the company to better protect our customers.

The Product Security team helps Gusto move faster, securely. We’re a team of engineers who work to enable other teams to build products as quickly as possible while continuing to protect our customers.

We help developers ship secure code by building security tools and services, providing security training and expertise, and advocating for best practices in authorization and safe data handling across the company.

Here’s what you’ll do day-to-day :

• Improving authorization at scale, with considerations for security, engineering and operations.
• Bolster security in core systems such as access control, sensitive data storage, API design, and more.
• Build software to keep our customers and company safe and secure.
• Work on impactful engineering problems across Gusto.
• Maintain high uptime for core services.
• Provide leadership in promoting security and software engineering excellence.

Here’s what we're looking for :

• 10+ years of Software Engineering experience.
• Experience with and understanding of authorization strategies such as role-based authorization and attribute-based authorization.
• Experience building high-availability distributed systems and services.
• Experience with applied cryptography - envelope encryption, AEAD, ECDSA.
• Experience with Kotlin or Java with a desire to learn server-side Kotlin.
• Experience with any of these technologies is a plus : Open Policy Agent, GraphQL, gRPC, Google Tink, Kubernetes, Terraform, Traefik,
• We mainly use Ruby, Kotlin, and JavaScript / Typescript.

Our cash compensation amount for this role is targeted at $200,000 / yr to $235,000 / yr in Denver & most remote locations, and $235,000 / yr to $280,000 / yr in New York & San Francisco Bay Area.

Stock equity is additional. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above.

Gusto has physical office spaces in Denver, San Francisco, and New York City. Employees who are based in those locations will be expected to work from the office on designated days approximately 2-3 days per week (or more depending on role).

The same office expectations apply to all Symmetry roles, Gusto's subsidiary, whose physical office is in Scottsdale.

Note : The San Francisco office expectations encompass both the San Francisco and San Jose metro areas.

When approved to work from a location other than a Gusto office, a secure, reliable, and consistent internet connection is required.

Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger.

If you share our values and our enthusiasm for small businesses, you will find a home at Gusto.

Gusto is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex (including pregnancy, childbirth, or related medical conditions), marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other applicable legally protected characteristic.

Gusto considers qualified applicants with criminal histories, consistent with applicable federal, state and local law. Gusto is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures.

If you require assistance in filling out a Gusto job application, please reach out to .

Gusto takes security and protection of your personal information very seriously. Please review our .