[Please Submit your application HERE to be considered.]\nAbout Us:\n\nWe are a leading provider of SaaS products for the professional services industry. We are most well-known for our legal practice management software and our online payment solution designed specifically for legal professionals. Endorsed by all 50 state bar associations and the American Bar Association, our payment solution is trusted by attorneys nationwide. Founded in Austin, TX, in 2005, we have grown to serve over 74,100 law firms and 10,000 accounting firms with a combined\nheadcount of 500 employees.\nWhy Join Us:\n\n\n* Innovative Environment: Be part of a team that builds cutting-edge solutions to help professional businesses operate efficiently.\n\n* Industry Leader: Work with the largest legal tech company in the market.\n\n* Career Growth: Opportunity to lead our team expansion in Colombia and become a future leader in the company.\n\n* Customer Impact: Create products that make a real difference for our customers.\n\n* Long-Term Stability: Be part of a company with a stable and long-tenured team, where you can grow and develop new skills. \n\n* Lateral Movements: Explore opportunities for lateral moves within different business units to expand your horizons.\n\n* Travel Opportunities: Chance to travel to our HQ in Austin, Texas.\n\n* Impressive Platform: Work on an incredible payments platform that processes $20 billion USD a year.\n\n\n\nYour Role:\n\nWe are looking for a Quality Engineer to help our team build quality into our new and delightful products that enable powerful capabilities for our users. You will work with a team of engineers and product managers to test our LawPay Link and ClientPay Link web applications. Your contributions will impact the business practices of our diverse customer base, spanning from individual entrepreneurs to established enterprises.\nKey Responsibilities:\n\n\n* Work with the embedded Quality Engineer within the LawPay Link/Client Pay Link team, as a part of the larger quality engineering team\n\n* Author and maintain detailed test cases using Test Rail for Web front-end and API back-end testing.\n\n* Identify what tests should be automated and which should not, through understanding of features and product schedule and work with SDET Team on automating test cases where necessary\n\n* Help build and maintain the QE infrastructure in collaboration with the devops team to enable a real-world test environment with required data\n\n* Assist with post-deployment validations in pre-production and staging environments\n\n\n\nWhat We’re Looking For:\n\n\n* An associates degree in IT or at least 2 years equivalent work experience\n\n* A strong understanding between testing types (Unit, Functional, Non-Functional, E2E, Edge Case, etc.) and what attributes of a test make it a candidate for automation and which do not\n\n* Familiarity with a test tracking tool, such as TestRail, Tricentis qTest, or similar and use of associated APIs for reporting automated testing results\n\n* Demonstrated ability to work effectively, efficiently, and independently with minimal guidance\n\n* You have a strong understanding of concepts related to computer architecture, data structures, and testing practices\n\n\n\nNice to Have:\n\n\n* You have experience with CircleCI, Jenkins, or some other CI system\n\n* You are familiar with SQL databases writing tests using complex queries, understanding complex schemas, and the data needed to execute various automated test cases\n\n* You have previous finance/fintech or adjacent experience.\n\n\n\nPerks and Benefits:\n\n\n* Competitive salary and benefits.\n\n* Work with a supportive and collaborative team.\n\n* Opportunities for professional development and career growth.\n\n* Flexible work environment.\n\n* Long-Term Stability: Be part of a company with a stable and long-tenured team, where you can grow and develop new skills.\n\n* Lateral Movements: Explore opportunities for lateral moves within different business units to expand your horizons.\n\n\n\n\nJoin us and be part of a team that's making a difference in the professional services industry! Apply now and help us build solutions that empower businesses to thrive. \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to SaaS, DevOps, API and Engineer jobs that are similar:\n\n $57,500 — $92,500/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nBogotá, Bogotá, Colombia

\nAbout the Role:\n\nWe are seeking a Senior Product Manager to work with our API Infrastructure team. In this role, you will play a pivotal role in shaping the future of our API platform, driving the strategy and execution of our technical infrastructure, documentation, and partner-developer tooling that powers integrations with Gusto. You will collaborate closely with cross-functional teams, including engineering, design, and business development, to deliver high-quality APIs that enable seamless interactions and drive business growth.\n\nAbout the Team:\n\n\nGusto Embedded Payroll is our newest business unit, driving the next arc of innovation and growth for Gusto. Our mission is to enable any third party SMB platform to build, sell, and serve payroll, however, they wish. Our API offering allows other companies to offer payroll services to their customers inside their app or service. By creating a more seamless payroll experience for SMBs, we will bring Gusto’s platform to hundreds of thousands more businesses than those we serve directly. Learn more about our partnerships with Chase and Freshbooks, and what we have learned since we started.\n\nHere’s what you’ll do day-to-day:\n\n\n* Drive product development of critical projects from concept to launch, ensuring timely delivery of high-quality products that improve the products of our Embedded partners\n\n* Work with developer teams at our partners to develop a deep understanding of their needs and how to enable them to bring payroll to their customers as quickly as possible\n\n* Partner with Engineering, Design, Data Science, CX, Solution Architects, and other counterparts across Gusto to solve complex cross functional problems\n\n* Identify emerging technologies and industry trends, especially related to developer products (APIs, SDKs, etc.) to push our product experience to the next level\n\n\n\n\nHere’s what we're looking for:\n\n\n* 8+ years experience in product management with a focus on API platforms, infrastructure, or developer tools\n\n* Strong technical background, with a deep understanding of API design principles, RESTful architecture, and web services development\n\n* Excellent communication and stakeholder management skills\n\n* Proven track record of successfully delivering complex technical products, from concept to launch, in a fast-paced, agile environment\n\n* Analytical mindset and proficiency in data-driven decision-making, with experience using metrics and analytics tools to drive product insights and improvements\n\n\n\n\nOur cash compensation amount for this role is targeted at $144,000 to $178,000 in Denver & most major metro locations, and $186,000 to $230,000 for San Francisco, New York, & Seattle. Final offer amounts are determined by multiple factors including candidate location, experience and expertise and may vary from the amounts listed above. \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Design, Payroll, API and Senior jobs that are similar:\n\n $65,000 — $102,500/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nSan Francisco, California, United States

\nAs a Principal Application Security Engineer at Vimeo, you will engage in a variety of activities, either offensive, defensive, or some combination thereof, ultimately aimed at safeguarding our users who entrust Vimeo with their content every day.\n\nYou’ll plan, carry out, and lead security initiatives to monitor and protect sensitive data and systems from infiltration and cyber-attacks.\n\nYou will likely collaborate frequently with and support developers, as well as members of the infrastructure security team, the compliance team, IT, Product, and other teams throughout the organization.\n\nYou love to solve puzzles, and are a great team player.\n\nThis role is remote. The role requires three hours of overlap with the US Eastern time zone (i.e., New York City) daily.\n\nWhat you’ll do:\n\nDepending on your preferences and the current needs of the team, you may either focus on just one or two of the following areas, or you may choose to become involved with many of them.\n\n\n* Security architecture — create a technical plan for partitioning and consolidating our cookies; draft up a sequence diagram for a new middleware to prevent IDOR attacks; implement a POC for leveraging CAPTCHA challenges in cross-origin embedded iframes; draft some code to modify the expiration behavior of our JWTs then pair with our API team to get feedback\n\n* Penetration testing — either hunt for security issues on our production or staged applications during an open-box internal pen test, or help coordinate an engagement with an external firm\n\n* Writing code for internal automated security tools — write some code, usually in Python, Bash, or Go, to support any of our team's various initiatives. Often we strive to facilitate a culture of “paved roads” for our developers, such that it is easy for any developer to incorporate security into their designs and implementations\n\n* Threat modeling — consider how malicious attackers may compromise our systems, and advise developers and product managers on what defenses are needed\n\n* Code reviews — discover weakness in our source code before it reaches production\n\n* Bug bounty program — help triage new incoming reports on a daily basis, plus launch creative initiatives to increase researcher engagement on our programs\n\n* Web Application Firewall and Rate Limiting — expand coverage and tune new rules while coordinating with developers, support team members, and the site reliability team\n\n* Remediation — enable and encourage developers to correctly fix recently discovered security issues in a timely manner, ultimately reducing our Mean Time To Remediate\n\n* Secure Software Development Lifecycle — configure automated tooling (eg. static and dynamic code analysis,, IAST) in our SDLC to detect security issues in our source code before it reaches production\n\n* Developer Education, Security Culture — create fun ways to spread technical security awareness throughout the engineering department\n\n* Incident response — lead or assist in running the various phases of an incident response, including initial detection, triage, containment, recovery, root cause analysis, retrospective, etc.\n\n* Collaboration with the infrastructure security team — pair with members of the infrastructure security team on various projects to secure our cloud instances and employee workstations\n\n* Collaboration with the compliance and privacy team — help ensure that our company complies with industry best practices and standards\n\n* Process improvements — help strengthen our own internal processes and procedures\n\n* A typical day will look like:\n\n\n\n* Engage with one or more product development teams and guide them through a threat model and data flow analysis.\n\n* Review the code for major new functionality to ensure security best practices are followed.  \n\n* Review new tickets in our bug bounty program (http://hackerone.com/vimeo) and use your system design and threat modeling knowledge to reproduce, define risk and mitigating controls and propose a fix., \n\n* A call or two with Development, Product Management teams to discuss security-related issues\n\n* Pen test a new feature in a staging environment with Burp Pro\n\n* Assist the compliance team on a privacy-related project\n\n* Provide technical advice in response to occasional questions from developers and other members of the security team\n\n\n\n\n\n\nSkills and knowledge you should possess:\n\n\n* Required: 5+ years of prior experience in either software development, devops, or site reliability engineering with hands-on coding experience.\n\n* Preferred: prior experience in Application Security\n\n* 7+ total years of relevant experience in Engineering, Application Security, or a similar technical field.\n\n* Strong knowledge of modern web, mobile, and network security\n\n* Strong programming skills with at least one of the following languages, and the ability to read all of them: Python, Go, PHP, Javascript, and Ruby\n\n* Expertise with application pen testing, using tools like Burp or Zap\n\n* Confident working in and across cloud environments like AWS and GCP. Detailed knowledge of at least one cloud environment.\n\n* Confident with shell scripting\n\n* Confident with common SDLC components, like git, Jira, Jenkins, etc\n\n* Confident ability to communicate technical security concepts to developers\n\n* At least an upper-intermediate level of English\n\n\n\n\nBonus points:\n\n\n* Link to a Github repo with security tools/scripts you’ve developed or help maintain\n\n* Full-stack web development experience creating RESTful applications (in any language) is a big plus\n\n* Open source vulnerability research or blog posts is a big plusS\n\n* Experience with system security hardening guidelines and SDLC principles\n\n\n \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Design, Cloud, API and Engineer jobs that are similar:\n\n $62,500 — $105,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nTel Aviv, Tel Aviv District, Israel