Security Partner Engineer PE

About Gusto

Gusto is a modern, online people platform that helps small businesses take care of their teams. On top of full-service payroll, Gusto offers health insurance, 401(k)s, expert HR, and team management tools. Today, Gusto offices in Denver, San Francisco, and New York serve more than 100,000 businesses nationwide.

Our mission is to create a world where work empowers a better life, and it starts right here at Gusto. That’s why we’re committed to building a collaborative and inclusive workplace, both physically and virtually. Learn more about our Total Rewards philosophy. 

About the role:

The Security Partner Manager role works with product and engineering leads to design products and features with the safety and privacy of our customers in mind. This role will be focused on building long-term relationships between the Security team and internal stakeholders across the company, providing guidance on security risks and mitigation, and leading our team of security partners. More about Security Partners on the Gusto blog.

The Product Security group helps Gusto move faster, securely. We’re a team of engineers who work to enable other teams to build products as quickly as possible while continuing to protect our customers. We support developers in shipping secure code by building security tools and services, providing security training and expertise, and advocating for best practices in authentication, authorization, and safe data handling across the company.

Here’s what you’ll do day-to-day:

• Empower and grow a great team of security partners.
• Work alongside product, engineering, infrastructure, legal, and privacy teams to design safe features to protect our customers.
• Design processes for security reviews, threat modeling, and partnering with product engineering teams.
• Provide detailed security advice and risk assessments.
• Develop guidelines and recommendations for secure coding practices.
• Lead and manage secure code training.
• Coordinate bug bounty and external security testing engagements, as well as drive remediation of findings.
• Implement and deploy application security tools.
• Develop long-term relationships with product development and engineering teams.

Here’s what we're looking for:

• 6+ years of experience in information security, especially application / product security / security partnerships / privacy.
• 2+ years of experience leading a team.
• Ability to work with engineers to balance security risks, customer privacy, and business requirements.
• Experience building software. Gusto primarily uses Ruby on Rails and React.

Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger. If you share our values and our enthusiasm for small businesses, you will find a home at Gusto.

Our cash compensation amount for this role is targeted at $234,000/yr to $250,000/yr in Denver & most remote locations, and $275,000/yr to $295,000/yr for San Francisco & New York. Stock equity is additional. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above.