Security Software Engineer, Product and AI

Описание вакансии

About Gusto

At Gusto, we're on a mission to grow the small business economy. We handle the hard stuff—like payroll, health insurance, 401(k)s, and HR—so owners can focus on their craft and customers. With teams in Denver, San Francisco, and New York, we’re proud to support more than 400,000 small businesses across the country, and we’re building a workplace that represents and celebrates the customers we serve. Learn more about our Total Rewards philosophy.

About the Role:

We’re hiring two Senior Software Engineers for our Product & AI Security Engineering team. You’ll own and evolve the security foundations behind Gusto’s products and AI/LLM experiences, from authentication and authorization at scale to securing core services and data. You’ll partner across the company to solve high-impact security problems and ship secure, reliable, AI-powered features quickly and safely.

About the Team:

The Product & AI Security Engineering team sits at the intersection of product, platform, and AI at Gusto. We prioritize high‑leverage projects that reduce risk, harden our foundations, and unlock faster delivery for other teams. We build security tools and services, embed with partner teams when needed, and set best practices for authentication, authorization, and safe data handling, especially as we adopt AI and LLMs.

Here’s what you’ll do day-to-day:

• Design, build, and operate authentication and authorization systems that work at Gusto scale.
• Strengthen core services and data protections, including access control, storage, and APIs.
• Detect and mitigate account takeover and other abuse, improving safety for our customers.
• Build security platforms and tooling that help product and AI teams move quickly and safely.
• Own and improve high-availability security and identity services that other teams depend on.
• Tackle ambiguous AI/LLM security problems from threat modeling to practical mitigations.
• Provide leadership in promoting security and software engineering excellence.

Here’s what we're looking for:

• 7+ years of experience as a backend engineer, building and operating large-scale server-side services and APIs
• Deep experience with authentication and authorization, such as SAML/SSO, RBAC, and ABAC.
• Proven track record building secure, highly available distributed systems and services.
• Hands-on experience with modern security tooling and practices (e.g., SAST, DAST, SIEM, SCA).
• Proficiency in one or more of: Ruby, Python, Kotlin, JavaScript/TypeScript
• Experience with AI tools for coding (ex: Cloud Code, Cursor, Github Copilot)
• Bonus: experience with authorization platforms/policy engines (e.g., Open Policy Agent, SpiceDB) and technologies like GraphQL, gRPC, Kubernetes, Terraform, Traefik, Flask, Okta.
• Strong collaboration skills and comfort breaking down complex, cross‑cutting security and AI problems into clear, practical solutions.

Our cash compensation amount for this role is targeted at $186,000-222,000 in the San Francisco Bay Area. Stock equity is additional. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above.

Gusto has physical office spaces in Denver, San Francisco, and New York City. Employees who are based in those locations will be expected to work from the office on designated days approximately 2-3 days per week (or more depending on role). The same office expectations apply to all Symmetry roles, Gusto's subsidiary, whose physical office is in Scottsdale.

Note: The San Francisco office expectations encompass both the San Francisco and San Jose metro areas.

When approved to work from a location other than a Gusto office, a secure, reliable, and consistent internet connection is required. This includes non-office days for hybrid employees.

Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger. If you share our values and our enthusiasm for small businesses, you will find a home at Gusto. 

Gusto is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex (including pregnancy, childbirth, or related medical conditions), marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other applicable legally protected characteristic. Gusto considers qualified applicants with criminal histories, consistent with applicable federal, state and local law. Gusto is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. We want to see our candidates perform to the best of their ability. If you require a medical or religious accommodation at any time throughout your candidate journey, please fill out this form and a member of our team will get in touch with you.

Gusto takes security and protection of your personal information very seriously. Please review our Fraudulent Activity Disclaimer.

Personal information collected and processed as part of your Gusto application will be subject to Gusto's Applicant Privacy Notice.