Security Engineer – Defense Engineering and Threat Hunting

Security Engineer – Defense Engineering and Threat Hunting

Location: Denver, CO; New York City, NY; San Francisco, CA, Remote

Remote

Gusto is looking for an experienced Senior Security Engineer, with a focus on Corporate Security Technologies, to build out capabilities for our Defense Engineering and Threat Hunting (DETH) organization. We’re looking for an individual who enjoys mentoring others, working in a collaborative environment and is able to independently drive objectives (projects) to completion. This role’s core functions include but are not limited to architecture/design, corporate security engineering, detection engineering, security operations and incident response, vulnerability management.

About Gusto

Gusto is a modern, online people platform that helps small businesses take care of their teams. On top of full-service payroll, Gusto offers health insurance, 401(k)s, expert HR, and team management tools. Today, Gusto offices in Denver, San Francisco, and New York serve more than 200,000 businesses nationwide.

Our mission is to create a world where work empowers a better life, and it starts right here at Gusto. That’s why we’re committed to building a collaborative and inclusive workplace, both physically and virtually. Learn more about our Total Rewards philosophy.

Gusto processes billions of dollars in payroll every month for small businesses and their employees. Our clients trust us with a huge amount of personally identifiable information (PII) and protected health information (PHI), including SSNs, EINs, salaries, home addresses, and more. Our business is largely built on trust, as a result protecting our clients’ PII and PHI is one of the top considerations in anything we do at Gusto.

Here’s what you’ll be doing:

• Creating and executing on strategic roadmaps for corporate security that’s prioritized based on business needs, risk and shifting priorities – e.g. Enterprise wide DLP program that covers endpoints, SaaS, and Cloud resources; VDI Infrastructure best practices; Windows Monitoring and Hardening, etc
• Design and implement security controls to protect our data, business technologies, infrastructure, networks, and applications against threat actors
• Collaborate with the IT Engineering and Business Technology Tech teams to ensure secure design and operation of our corporate services
• Conduct security assessments and provide recommendations for improvements to our security posture
• Develop and maintain security policies, standards, and procedures
• Build signals and detections using Python, SQL and detection as code methods to detect and respond to security events
• Work alongside threat defense operations to investigate and perform security response for security events/incidents
• Perform hypothesis driven threat hunting based on a detection lifecycle
• Participate in an on-call rotation

Here’s what we’re looking for:

• Security Engineers experienced in one or more of the following: data loss prevention, VPNs, Zero-Trust concepts, VDIs, macOS and Windows endpoint security monitoring and hardening, vulnerability management, infrastructure hardening, identity and access management, cloud security, security analysis and response, detection engineering
• Collaborative Security Engineers experienced working cross-functionally with stakeholders to manage projects, and incidents, to create positive change for the organization
• Experienced candidates who have participated and led incident management processes, including security incident response
• Demonstrated knowledge of both on-premise and cloud-based corporate security technologies such as endpoint detection and response technologies, vulnerability management scanners, cloud identity providers
• Experienced working with development workflows in source control, infrastructure as code, and CI/CD pipelines
• Strong proficiency in one or more programming/scripting languages, with the ability to mentor others on best practices in at least one language: Python, Golang, Ruby.

Our cash compensation amount for this role is targeted at $155,000 – $206,000 in Denver & most remote locations, and $200,000 – $230,000 for San Francisco & New York. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above.

Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds, not just because it’s the right thing to do, but because it makes our company stronger. If you share our values and our enthusiasm for small businesses, you will find a home at Gusto.