We’re hiring a Software Security Engineer in Columbus, OH

Engineering at Root
The engineering team at Root strives to be one of the most transformative engineering teams ever. We’re changing the way that car insurance works. We’re competing with companies that have been around for a century and comprise a $200B industry—and we’re doing it with an astonishingly small team.

Our tech stack includes:
--Ruby / Rails backend, RSpec for testing
--Javascript / React Native frontend, Mocha for testing
--Small amounts of native iOS and Android
--Deployment to AWS ECS using containers
--Buildkite for CI

We recently raised one of the largest VC rounds ever for an Ohio technology company, giving us an opportunity to make a large impact. For more on engineering at Root, see https://root.engineering

About the position
As Root continues to grow, we’re looking to improve the maturity of our software security practice. While our engineering team takes security seriously and uses industry-accepted best practices, we haven’t yet formalized our Software Security Development Life Cycle.

We are looking for an individual who can bring forward our SSDLC practice, work across Engineering functions and business units, and help mature our Information Security Program.  The ability to help maintain and develop policies and procedures, guidelines and standards, and implement tools to assist with code analysis is vital to the role.

Technical Skills

  • A deep understanding of securing technologies used in our stack, client-server architecture, and web technologies
  • Implement, test, and operate software security solutions and techniques
  • Ability to perform manual code review, as well as static and dynamic automated code reviews, on both Mobile apps and web application code
  • Solid knowledge of databases, SQL, and version control tools
  • Adequate understanding of infrastructure and devops

Planning and Execution

  • Plans and completes large and complex tasks/projects without supervision
  • Foresees issues and requirements for securing large projects
  • Completes large pre-planned tasks in an efficient manner
  • Thinks critically about work to promote security and take into account business goals.
  • Can augment the DevOps environment, providing methods of improving code security that are as non-intrusive and transparent as possible

Working With Others

  • Able to work across teams to tackle complex issues
  • Able to positively influence other engineers, both directly and indirectly
  • Works with product owners, analysts and other functions to move company’s priorities forward
  • Be able to develop and deliver secure code training
  • Must be able to take a vulnerability/finding and deliver, through one-to-one or one-to-many, education for building more secure code
  • Provides effective and accurate technical feedback in code reviews

Get in touch

Finding the right people to help us build Root is a top priority. Whether you would like to explore the possibility of working together or simply learn more about the position, we’d love to hear from you!

Apply now

Current job openings

Finance
Actuarial
Claims
Marketing
Engineering
Data Science
Creative
People
Product
Corporate Dev & Strategy

If you’d like to be a part of what we are building but don’t see an opening that suits you, email us at [email protected].