
Gusto, Inc.

Staff Software Engineer, Security & AI Platform

Department: Engineering
Job Type / Location: San Francisco
Experience Required: 10+ years

About the Role

We’re hiring two Staff Engineers for our Product & AI Security Engineering team. You’ll define, own, and evolve the security architecture, standards, and foundations behind Gusto’s products and AI/LLM experiences: setting the direction for authentication and authorization at scale, securing core services and data, ensuring safe data handling, and building the platforms and guardrails that other teams rely on.

Here’s what you’ll do day-to-day:

  • Design, build, and operate authentication and authorization systems that work at Gusto scale.
  • Strengthen core services and data protections, including access control, storage, and APIs.
  • Detect and mitigate account takeover and other abuse, improving safety for our customers.
  • Build security platforms and tooling that help product and AI teams move quickly and safely.
  • Own and improve high-availability security and identity services that other teams depend on.
  • Tackle ambiguous AI/LLM security problems from threat modeling to practical mitigations.
  • Provide leadership in promoting security and software engineering excellence.

Here’s what we're looking for:

  • 10+ years of experience as a backend engineer, building and operating large-scale server-side services and APIs.
  • Proven track record building secure, highly available distributed systems and services.
  • Hands-on experience with modern security tooling and practices (e.g., SAST, DAST, SIEM, SCA).
  • Proficiency in one or more of: Ruby, Python, Kotlin, JavaScript/TypeScript.
  • Experience with AI tools for coding (e.g., Cloud Code, Cursor, GitHub Copilot).
  • Strong collaboration skills and comfort breaking down complex, cross‑cutting security and AI problems into clear, practical solutions.

Required:

  • Strong backend software engineering skills — you write clean, scalable, well-tested code.
  • Experience building and operating high-availability services at scale.
  • Ability to partner cross-functionally and communicate technical tradeoffs clearly.
  • Genuine interest and desire to grow within the security domain — you don't need to have worked in security before, but you're excited to get started.

Nice to have:

  • Experience with authorization platforms/policy engines (e.g., Open Policy Agent, SpiceDB) and technologies like GraphQL, gRPC, Kubernetes, Terraform, Traefik, Flask, Okta.
  • Experience with authentication and authorization, such as SAML/SSO, RBAC, and ABAC.
  • Familiarity with security concepts like access control, abuse detection, or data protection.
  • Prior work on security tooling or platforms.
