Sr. Ruby on Rails Engineer (Security)
Aha!
Date: 2 weeks ago
City: Remote, Remote
Contract type: Full time
Remote
Aha! is the world's #1 product development software. We help over 1 million product builders bring their strategy to life. Our suite of tools includes Aha! Roadmaps , Aha! Ideas , Aha! Whiteboards , Aha! Knowledge , and Aha! Develop . Product teams rely on our expertise, guided templates, and training programs via Aha! Academy to be their best. We are proud to be a very different type of high-growth SaaS company. The business is self-funded, profitable, and 100% remote. We are recognized as one of the best fully remote companies to work for, champion the Bootstrap Movement , and have given over $1M to people in need through Aha! Cares . Learn more at www.aha.io .
Our team
The Aha! engineering team is a midsized, fully remote group that is highly productive. We are centered around North American time zones so we can collaborate during the workday.
Our web application is a single-instance, multitenant Ruby on Rails monolith supported by Postgres (database), Redis (background jobs), and Memcached (Rails caching). We also run a Node.js webserver to support collaborative editing and real-time updates. Our application is hosted on Amazon Web Services and architected with ECS for reproducibility and scalability.
We use a growing amount of React on the front end to build rich client-side experiences, including our fully collaborative text editor and slide presentation editor. We balance the strengths of both technologies: Rails for its conventions and simplicity and React for more powerful interactive functionality.
Teammates embrace the new technologies that help us deliver a lovable product suite, but we also remain cognizant of the maintenance overhead a new library or platform brings. We solve the problems in front of us — rather than prematurely optimizing to address issues that might never materialize.
We do most of our planning and collaboration in Aha! Roadmaps and built Aha! Develop so software engineers and their teams can take advantage of those same rich features. We use Slack and Zoom for video calls. (Email? Rarely.)
Your Experience
Most of our features involve writing significant Ruby on Rails code, so you should be familiar with working in a Rails codebase. You will perform security code reviews and should have experience reviewing code for security, compliance, or functional validation. Overall, you have strong problem-solving abilities as well as experience working on important functionality for a cloud-based product.
Skills
We believe that being a kind person who elevates the rest of the team is just as valuable as writing great code. You are humble, eager to learn, and always willing to help others. You want teammates who enjoy solving problems, regardless of the technologies and techniques involved. You have worked at meaningful scale before and want to do so again. You also have the following experience and skills:
The security team works across our full suite of products and applications with a focus on core features such as authentication, authorization, file handling, and data segmentation. We also provide security reviews and guidance for the larger engineering team across the full stack.
We Love Ruby On Rails And Dig Deep Into Code And Business Logic. As a Sr. Ruby On Rails Engineer For Security, Your Work Will Include
Grow with us
Everyone deserves to reach their fullest potential. We know that when we do work that matters with people we care about in a high-growth environment, we feel engaged and alive. It is why we joined Aha! and how we achieve our very best .
We offer all the benefits you would expect and more, including profit sharing. The specific benefits listed below are reflective of what we offer U.S.-based hires. We also do our best to extend identical benefits to international teammates.
Our team
The Aha! engineering team is a midsized, fully remote group that is highly productive. We are centered around North American time zones so we can collaborate during the workday.
- We help each other grow: We each bring unique skills to the table and want our teammates to feel valued from the start. Our onboarding program exposes new hires to the codebase and lets them contribute right away.
- We move quickly: We ship code multiple times a day. We believe in getting valuable features in front of customers and iteratively improving as we learn what works and what does not.
- We value product over process: We want the team to have the time and focus needed to solve complex challenges. We minimize overhead by setting clear goals and avoiding heavyweight processes and excessive meetings.
- We share knowledge freely: We share our learnings with one another and with the developer community. Our engineering blog demonstrates how we tackle interesting challenges at Aha!
- We enjoy: We like what we do. And we want you to love your team and your job too. Learn more about The Responsive Method , our company values , and the generous benefits we offer.
Our web application is a single-instance, multitenant Ruby on Rails monolith supported by Postgres (database), Redis (background jobs), and Memcached (Rails caching). We also run a Node.js webserver to support collaborative editing and real-time updates. Our application is hosted on Amazon Web Services and architected with ECS for reproducibility and scalability.
We use a growing amount of React on the front end to build rich client-side experiences, including our fully collaborative text editor and slide presentation editor. We balance the strengths of both technologies: Rails for its conventions and simplicity and React for more powerful interactive functionality.
Teammates embrace the new technologies that help us deliver a lovable product suite, but we also remain cognizant of the maintenance overhead a new library or platform brings. We solve the problems in front of us — rather than prematurely optimizing to address issues that might never materialize.
We do most of our planning and collaboration in Aha! Roadmaps and built Aha! Develop so software engineers and their teams can take advantage of those same rich features. We use Slack and Zoom for video calls. (Email? Rarely.)
Your Experience
Most of our features involve writing significant Ruby on Rails code, so you should be familiar with working in a Rails codebase. You will perform security code reviews and should have experience reviewing code for security, compliance, or functional validation. Overall, you have strong problem-solving abilities as well as experience working on important functionality for a cloud-based product.
Skills
We believe that being a kind person who elevates the rest of the team is just as valuable as writing great code. You are humble, eager to learn, and always willing to help others. You want teammates who enjoy solving problems, regardless of the technologies and techniques involved. You have worked at meaningful scale before and want to do so again. You also have the following experience and skills:
- Four+ years of experience working in Ruby on Rails
- Experience with code reviews for security or functional validation in Ruby on Rails
- Experience developing features at a high-growth SaaS company
- Active collaborator with product teams
The security team works across our full suite of products and applications with a focus on core features such as authentication, authorization, file handling, and data segmentation. We also provide security reviews and guidance for the larger engineering team across the full stack.
We Love Ruby On Rails And Dig Deep Into Code And Business Logic. As a Sr. Ruby On Rails Engineer For Security, Your Work Will Include
- Implementing security features and improvements with the customer experience in mind
- Security code reviews that go above and beyond what can be found with scanning tools (which we also use!)
- Investigating errors to identify security, resiliency, and performance improvements
- Developing and sharing secure patterns internally for ongoing education
Grow with us
Everyone deserves to reach their fullest potential. We know that when we do work that matters with people we care about in a high-growth environment, we feel engaged and alive. It is why we joined Aha! and how we achieve our very best .
We offer all the benefits you would expect and more, including profit sharing. The specific benefits listed below are reflective of what we offer U.S.-based hires. We also do our best to extend identical benefits to international teammates.
- The base salary range for this role in the U.S. is between $110,000 and $190,000
- Cash-based compensation also includes profit sharing, and we contribute a percentage of your total pay each month toward your retirement
- Medical, dental, and vision plans (for many teammates, we cover 100% of the premiums)
- Up to 200 hours of paid time off a year to spend however you want
- 30 to 90 days of paid parental leave and five to 10 days of paid care and bereavement leave
- Up to $1,000 annually for third-party education, along with paid time off to immerse yourself in learning
- Volunteer opportunities throughout the year
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resumeSimilar jobs
Security Consultant - Next-Gen SIEM (Remote)
TELUS,
Remote, Remote
6 days ago
Join Our Team And What We'll Accomplish TogetherWe live in a fast-paced cyber-world where protecting our information has become paramount. TELUS Security strives to always be steps ahead, tackling the toughest security challenges head-on with top talent and cutting edge technology. You will be applying security disciplines across new domains of big data, cloud, wireless and wireline networks, and massive...
Manager of Financial Planning and Analysis
Prenuvo,
Remote, Remote
6 days ago
About UsAt Prenuvo, we are on a mission to flip the paradigm from reactive "sick-care" to proactive health care. Our award-winning whole body scan is fast (under 1 hour), safe (MRI has no ionizing radiation), and non-invasive (no contrast). Our unique integrated stack of optimized hardware, software, and increasingly AI, coupled with the patient-centric experience of our clinics across North...
Solution Support Analyst - Americas
Chainlink Labs,
Remote, Remote
1 week ago
About UsChainlink Labs is the primary contributing developer of Chainlink, the decentralized computing platform powering the verifiable web. Chainlink is the industry-standard platform for providing access to real-world data, offchain computation, and secure cross-chain interoperability across any blockchain. Chainlink Labs helps power verifiable applications for banking, DeFi, global trade, and gaming by collaborating with some of the world’s largest financial...