Security Engineer

Aha! engineering is a mid-sized, fully remote team that is highly productive. We are centered around North American time zones so we can collaborate during the workday.**Our team*** **We utilize [The Responsive Method](https://ift.tt/2Utfi33 The eight principles drive how we operate Aha! and serve customers and employees.* **We move quickly**: We ship code multiple times a day. We believe in getting new features in front of customers and iteratively improving as we learn what works and what does not.* **We collaborate:** We each bring unique experiences and skills to the table. Working together to share that knowledge benefits the entire team and helps us produce the best results for our customers.* **We value product over process:** We want the team to have the time and focus to solve complex challenges. We aim to minimize the overhead introduced by heavyweight processes and excessive meetings.* **We are happy:** it is important to us that you love your job and are happy at work. Learn more about our company [values](https://ift.tt/2B9ypHY). Check out our generous [benefits](https://ift.tt/38FaxLV technology**Our sole product is the Aha! web application. It is a single-instance, multi-tenant Ruby on Rails monolith supported by Postgres (database), Redis (background jobs), and memcached (Rails caching). We also run a Node.js webserver to support collaborative editing and real-time updates. Our application is hosted on Amazon Web Services and architected with ECS for reproducibility and scalability.We use React for rich client-side experiences on the front end. Some of the features we have built with React include:* Our fully collaborative [text editor](https://ift.tt/32RcL7R Supports multiple cursors and simultaneous editing by any number of users. We also published a [blog post](https://ift.tt/3nlIC7Y) explaining the underlying technology.* Our [presentation editor](https://ift.tt/33Hzzpy Allows users to create presentations with slide themes, shapes, text, and embedded Aha! reports (which update live so the presentation is always current).* Our [Gantt chart](https://ift.tt/33UK2OS Supports scaling and scrolling to change the timeline, drag-and-drop, and quick actions to create records or sort the bars.* We embrace new technologies that help us deliver a lovable product, but we also remain cognizant of the maintenance overhead that a new library or platform brings. We solve the problems in front of us, rather than prematurely optimizing to address issues that may never materialize.* We do most of our collaboration and planning in Aha! itself, which we find especially rewarding. We also utilize GitHub, Slack, and GoToMeeting for video calls.**Your experience**We believe that being a kind person who elevates the rest of the team is just as valuable as writing great code. You have strong problem-solving skills and experience working on important functionality for a cloud-based product. You are humble, eager to learn, and always willing to help others learn as well. You want to work with people who enjoy picking up a problem and solving it, regardless of the technologies and techniques involved.The Aha! security team is part of the engineering team and is product focused. As a Senior Security Engineer, you can expect to spend the majority of your time working with Ruby on Rails and JavaScript code for security reviews, investigations, updates, and implementing security features.**Your work at Aha!**We maintain security controls and perform security reviews on a broad range of features across the full stack. Your work will include:* Security code reviews that go above and beyond what can be found through scanning tools (which we use too!)* Cloud and network security reviews of Amazon Web Services infrastructure that is implemented via infrastructure as code* Monitoring third-party dependency vulnerability reports and applying fixes and mitigations* Sharing security findings and new developments internally for ongoing education* Participating in security monitoring, incident response, and investigationsIf this sounds appealing, we would love to hear from you. A real human reviews every application.

from Remote OK Apply for this position
application link above

If there is no "apply" button, copy the link above (https://ift.tt/.....) and paste on a new tab in your browser