This job post is closed and the position is probably filled. Please do not apply. Work for Aha! and want to re-open this job? Use the edit link in the email when you posted the job!
Aha! engineering is a mid-sized, fully remote team. We are centered around North American time zones so we can collaborate during the workday.\n\n# Our core values\n# \n* [The Responsive Method](https://www.aha.io/company/the-responsive-method): These 8 principles drive how we operate Aha! and serve customers and employees.\n* Moving quickly: We ship code multiple times a day. We believe in getting new features in front of customers and iteratively improving as we learn what works and what does not.\n* Product over process: We want our engineers to have the time and focus to solve complex challenges. We aim to minimize the overhead introduced by heavyweight processes and excessive meetings.\n* Collaboration: We each bring unique experiences and skills to the table. Working together to share that knowledge benefits the entire team and helps us produce the best results for our customers.\n# Who we're looking for\n# \nWe believe that being a kind person who elevates the rest of the team is just as valuable as writing great code. We look for strong problem-solving skills and experience working on important functionality for a cloud-based product. We need people who are humble, eager to learn, and always willing to help others learn as well. We want to work with people who enjoy picking up a problem and solving it, regardless of the technologies and techniques involved.\n\nThe Aha! security team is part of the engineering team and is product focused. As a Senior Security Engineer, you can expect to spend the majority of your time working with Ruby on Rails and JavaScript code for security reviews, investigations, updates, and implementing security features.\n\n# Our technology\n# \nOur sole product is the Aha! web application. It is a single-instance, multi-tenant Ruby on Rails monolith supported by Postgres (database), Redis (background jobs), and memcached (Rails caching). We also run a Node.js webserver to support collaborative editing and real-time updates. Our application is hosted on Amazon Web Services and architected with ECS for reproducibility and scalability.\n\nWe use React for rich client-side experiences on the front end. Some of the features we have built with React include:\n\n* Our fully [collaborative text editor](https://www.aha.io/blog/collaborative-writing): Supports multiple cursors and simultaneous editing by any number of users. We also published a blog post explaining the underlying technology.\n* Our [presentation editor](https://www.aha.io/blog/product-roadmap-presentation-editor): Allows users to create presentations with slide themes, shapes, text, and embedded Aha! reports (which update live so the presentation is always current).\n* Our [Gantt chart](https://www.aha.io/blog/roadmap-gantt-chart): Supports scaling and scrolling to change the timeline, drag-and-drop, and quick actions to create records or sort the bars.\n\nWe embrace new technologies that help us deliver a lovable product, but we also remain cognizant of the maintenance overhead that a new library or platform brings. We solve the problems in front of us, rather than prematurely optimizing to address issues that may never materialize.\n\nWe do most of our collaboration and planning in Aha! itself, which we find especially rewarding. We also utilize GitHub, Slack, and GoToMeeting for video calls.\n\n# What youโll be doing\n# \nWe maintain security controls and perform security reviews on a broad range of features across the full stack. Your work will include:\n\n* Security code reviews that go above and beyond what can be found through scanning tools (which we use too!)\n* Cloud and network security reviews of Amazon Web Services infrastructure that is implemented via infrastructure as code\n* Monitoring third-party dependency vulnerability reports and applying fixes and mitigations\n* Sharing security findings and new developments internally for ongoing education\n* Participating in security monitoring, incident response, and investigations\n\nIf this sounds appealing, we would love to hear from you. A real human reviews every application, so please use the form to help us learn more about you. \n\nPlease mention the words **CLUSTER QUESTION PRICE** when applying to show you read the job post completely (#RMTguMTE2LjEzLjExMw==). This is a feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.\n\n \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Ruby, Engineer, React, JavaScript, Video, Amazon, Cloud and Senior jobs that are similar:\n\n
$70,000 — $120,000/year\n
\n\n#Location\nNorth America
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.