Sr. Security Engineer (Ruby on Rails experience required)
Aha! is a very different type of high-growth SaaS company. We are self-funded, highly profitable, and 100 percent remote. We provide the world's #1 product development software so teams can build products that customers love. More than 600,000 product builders use our suite of tools which includes Aha! Roadmaps, Aha! Ideas, Aha! Create, and Aha! Develop. And they rely on our training programs via Aha! Academy to become product development experts. We are recognized as one of the best fully remote companies to work for, champion the Bootstrap Movement, and have given over $1M to people in need through Aha! Cares. Learn more at www.aha.io.
Aha! engineering is a mid-sized, fully remote team that is highly productive. We are centered around North American time zones so we can collaborate during the workday.
We move quickly: We ship code multiple times a day. We believe in getting new features in front of customers and iteratively improving as we learn what works and what does not.
We collaborate: We each bring unique experiences and skills to the table. Working together to share that knowledge benefits the entire team and helps us produce the best results for our customers.
We value product over process: We want the team to have the time and focus to solve complex challenges. We aim to minimize the overhead introduced by heavyweight processes and excessive meetings.
Our web application is a single-instance, multi-tenant Ruby on Rails monolith supported by Postgres (database), Redis (background jobs), and memcached (Rails caching). We also run a Node.js webserver to support collaborative editing and real-time updates. Our application is hosted on Amazon Web Services and architected with ECS for reproducibility and scalability.
We use React for rich client-side experiences on the front end. Some of the features we have built with React include:
Our presentation editor: Allows users to create presentations with slide themes, shapes, text, and embedded Aha! reports (which update live so the presentation is always current).
Our Gantt chart: Supports scaling and scrolling to change the timeline, drag-and-drop, and quick actions to create records or sort the bars.
We embrace new technologies that help us deliver a lovable product, but we also remain cognizant of the maintenance overhead that a new library or platform brings. We solve the problems in front of us, rather than prematurely optimizing to address issues that may never materialize.
We do most of our planning and collaboration in Aha! Roadmaps and built Aha! Develop so that software engineers and their teams could take advantage of those same rich features. We use Slack and Zoom for video calls. (Email? Rarely.)
We believe that being a kind person who elevates the rest of the team is just as valuable as writing great code. You have strong problem-solving skills and experience working on important functionality for a cloud-based product. You are humble, eager to learn, and always willing to help others learn as well. You want to work with people who enjoy picking up a problem and solving it, regardless of the technologies and techniques involved.
Your work at Aha!
We maintain security controls and perform security reviews on a broad range of features across the full stack. As Sr. Security Engineer, your work will include:
Security code reviews that go above and beyond what can be found through scanning tools (which we use too!)
Cloud and network security reviews of Amazon Web Services infrastructure that is implemented via infrastructure as code
Monitoring third-party dependency vulnerability reports and applying fixes and mitigations
Sharing security findings and new developments internally for ongoing education
Participating in security monitoring, incident response, and investigations
If the Sr. Security Engineer role sounds appealing, we would love to hear from you. (A real human reviews every application.)
Grow with us
Everyone deserves to reach their fullest potential. We know that when we do work that matters with people we care about in a high-growth environment, we feel engaged and alive. And our goal is to help you do just that. We offer all the benefits you would expect and more, including profit sharing. The specific benefits listed below are reflective of what we offer U.S.-based hires. We also do our best to extend identical benefits to international teammates.
Generous salary with annual profit sharing for all
Medical, dental, and vision plans — for many teammates, we cover 100 percent of the premiums
Up to 200 hours of paid time off a year to spend however you want
30 to 90 days of paid parental leave and five to 10 days of paid care and bereavement leave
Up to $1,000 annually for third-party education, along with paid time off to immerse yourself in learning
Aha! contributes a percentage of your total compensation each year towards your retirement
We are building a distributed team, and you can work from anywhere in North America or South America for this role. We offer generous salary, equity, benefits, and a profit-sharing program. See other openings at Aha!
We are committed to hiring, promoting, and compensating employees based on their qualifications and demonstrated ability to perform job responsibilities. As an equal opportunity employer, Aha! welcomes all employees and applicants, without regard to age, race, color, national origin, physical or mental disability, gender, religion, sexual orientation, gender identity, marital or veteran status, condition of pregnancy, or any other legally protected characteristic. Learn more about diversity and inclusion at Aha!