Application Security Engineer

Company: Root Insurance
Location: Myrtle Point
Posted on: June 7, 2021

Job Description:

The engineering team at Root strives to be one of the most transformative engineering teams ever. We're changing the way an industry works by leveraging technology and data to build the best products possible. Even with our significant growth, we operate in small teams that are given ownership over projects and results. We've found that the people closest to the problems are the best at solving them.

Our tech stack includes:

Ruby / Rails backend, RSpec for testing

Javascript / React Native frontend, Mocha for testing

Small amounts of native iOS and Android

Deployment to AWS ECS using containers

Buildkite for CI

We're scaling rapidly, and we recently launched a $6B IPO:

https://www.nasdaq.com/articles/root-insurance-ipo-poised-to-disrupt-the-insurance-market-2020-10-30

Our team excels at delivering software to solve the problems in front of us at Root: presently, a suite of world-class mobile, web, and server-based products obsessed with the customer experience. We've shaped our team and process around this; we know that constant iteration and experimentation produce the best results.

For more information on engineering at Root see root.engineering

We divide the areas of responsibility for engineers into three major areas:

Technical: The skills and knowledge that make up an engineer's basic problem-solving toolbox.

Planning and Execution: The ability to plan and execute assigned work beyond basic technical solutions.

Working with Others: The ability to work effectively with other engineers and people in other functions.

What we look for in Application Security Engineers:

Technical Skills

• Knowledge of securing both web and mobile applications against common issues (including OWASP Top 10)
• Writes clean, functional, well-tested code
• Experienced with several programming paradigms
• Deep understanding of client-server architecture and web technologies
• Solid knowledge of continuous integration pipelines and automating security feedback
• Building, executing, and documenting a Secure Software Development Lifecycle

Planning and Execution

• Completes large pre-planned tasks in an efficient manner
• Able to take on unplanned work and bug fixes
• Understands and takes business goals into account when making technical decisions
• Can manage a bug bounty program though an external service

Working with Others

• Able to work across teams to tackle complex issues
• Works with engineers to coach them on finding and fixing security bugs
• Can teach secure coding techniques and methods

Keywords: Root Insurance, Medford , Application Security Engineer, Other , Myrtle Point, Oregon