Staff Information Security Engineer

Root Insurance

Root Insurance

United States · Remote
Posted on Tuesday, November 14, 2023

CURRENT ROOT EMPLOYEES - Please apply using the career page in Workday. This career site is for external applicants only.

The position

Root is changing the way an industry works by leveraging technology and data to build the best products possible, and the information security team at Root is a key contributor to that effort. Teams are given ownership over projects and results, as we’ve found that the people closest to the problems are the best at solving them. Root is also a “work where it works best” company, and we will support you working in whatever location works best for you across the US.

Root’s Information Security team is dedicated to managing information security risk within the organization, while enabling development and product teams to do their cutting-edge work, and we’re looking for a Staff Security Engineer to join us. In this role, you’ll be a key contributor to maturing Root’s security capabilities, influencing our approach to securing our most critical assets and protecting our customers.

Root is a “work where it works best” company. Meaning we will support you working in whatever location that works best for you across the US. We will continue to have our headquarters in Columbus and offices in other locations to give more flexibility and more choice about how we live and work.

Salary Range: $190,000 - $218,000

How You Will Make an Impact

  • Empower Root engineers and product teams to design, build and operate software and infrastructure that is secure by default.

  • Identify, address, and deliver on strategically important problems for security engineering, including recognizing opportunities where Root is underinvested and making a case for additional improvements.

  • Serve as team lead for security engineers, regularly coaching and mentoring engineers to increase their impact and abilities.

  • Contribute and lead threat modeling, security reviews, and design critiques, to identify risk and assist product and engineering team members in improving overall product security.

  • Develop tools and features to monitor and improve our Root’s security posture as it relates to application and cloud infrastructure security.

  • Lead Root in adhering to various compliance standards, working cross-functionality to ensure our risks are measured and mitigated.

  • Serve as the domain expert in multiple information-security areas and can provide regular insight to product and design leads of all levels that are working within these areas.

What You Will Need to Succeed

  • At least 7 (seven) years of experience in application security engineering.

  • Exposure to software development and/or infrastructure engineering is a plus.

  • Extensive experience with common and emerging threats, vulnerabilities, and mitigations in modern cloud-based applications and infrastructure.

  • Proven experience maturing infrastructure and application security programs and incorporating security into S/SLDC and DevSecOps approaches.

  • Experience coaching and mentoring application security engineers and developers.

  • Ability to identify and quantify gaps, communicate issues, create roadmaps, and architect solutions that demonstrate risk reduction and drive security improvements.

  • In-depth experience working with senior engineers and managers to prioritize and execute work and highlight areas for additional maturity and investment.

  • Experience with AWS, GCP, or Azure cloud environments/infrastructure.

  • Familiarity with security-related compliance requirements and standards/frameworks such as PCI, SOC 2, OWASP, and NIST.

Don’t meet every single requirement?

Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At Root, Inc., we are dedicated to building a diverse and inclusive workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway!

Join us

At Root, we judge people based on the merit of their work, not who they are. If you are passionate about what this role entails and solving real problems, we encourage you to apply. We want to learn about you and what you can add to our team.

Who we are

We’re harnessing the power of technology to revolutionize insurance. Using machine learning and mobile telematic platforms, we’ve built one of the most innovative FinTech companies in the world. And we’re just getting started.

What draws people to Root

Our success is in large part due to our unwavering standards in hiring. We recognize that our products are only as good as the people building and promoting them. We want individuals who find solutions by going through the cycle of ideation to implementation with curiosity, rigor, and an analytical lens. Ask anyone who works here and you’ll hear similar reasons for why they joined:

Autonomy—for assertive self-starters, the opportunities to contribute are limitless.

Impact—by challenging the way it’s always been done, we solve problems that have a big impact on our business.

Collaboration—we encourage rich discussion and civil debate at every turn.

People—we are inspired by the collection of crazy-smart people around us.