Senior Ruby Software Instrumentation Engineer at Contrast Security (allows remote)
Posted 7 days ago
Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyberattacks, heralding the new era of self-protecting software. Contrast's patented deep security instrumentation is the breakthrough technology that enables highly accurate assessment and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development, to operations, to production. Take a look out our Join the Team Page or our StackOverflow Page for more details about working in our Engineering department at Contrast Security. Please include a link to your GitHub or Bitbucket account, or any links to some of your projects, if available.
About the Position
Contrast is looking for a talented Software Engineer with experience in Ruby to join our team, engineering a world-class instrumentation agent for analyzing the security of Ruby web applications. An ideal candidate is proficient in Ruby. They have 5 years or more experience as a software engineer, with at least a portion of that spent working with Ruby and are looking to deepen their understanding of Ruby’s unique characteristics, examining the internals of the language in order to enhance inherent or introduce novel dataflow analysis.
At Contrast, we take the responsibility of writing instrumentation agents very seriously. Our customers trust us enough to run our agents directly in their applications, oftentimes in their production environments. We're looking for a responsible engineer to exercise that power carefully, to help us build a quality, thoroughly tested agent that our customers run with complete confidence. As a Senior Engineer, you’ll lead the design and development of new features within the agent, our proprietary Gem used to instrument customer applications, sometimes on your own, sometimes leading more junior developers. In addition, you’ll support the team in the maintenance and improvement of the product, adding your own coding standards and practices to ours.
- You’ll be responsible for:
The Development of the Ruby Agent:
- Building, shipping, curating, and iterating on features supported by the agent.
- Improving accuracy, reliability, and resilience of the agent.
- Implementing security rules designed to detect and defend against common attack patterns and security anti-patterns.
- Investigating third party web frameworks and servers for the purpose of deriving and implementing instrumentation approaches.
The Quality and Testing of the Ruby Agent:
- Building many variations of simple to complex applications web frameworks in Ruby in order to provide robust testing of our agents.
- Building many variations of simple to complex web servers in Ruby in order to provide robust testing of our agents.
- Enhancing release criteria for the agents including performance, integration test, unit test and code coverage metrics.
- Performing forensic investigations when the agent negatively impacts the performance or functionality of instrumented web applications.
The Deployment of the Ruby Agent:
- The Ruby agent is released on RubyGems Each member of the team is expected to take a turn to validate and then release new versions of the agent to this repository.
About You/ Qualifications:
- Developing code in Ruby.
- At least 5 years of industry experience as a software engineer.
- Git, or similar code management, tooling
- Developing code with Unit and Integration level testing.
- Developing code with Continuous Integration and automated deployment.
While not requisite, it’d be helpful if you have experience with some of the following:
- Developing, or experience with, code in C.
- Developing code in Ruby web frameworks.
- Developing code in Ruby web servers.
- Docker or another containerization.
- You approach problems from a product perspective, thinking through how the user will interact with what you're building.
- You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need.
- You are a problem solver. You believe the best work is the result of finding the simplest solution to complex challenges.
- You see the big picture. You understand how the code you write interacts with systems and services, both internally and externally.
What We Offer
- Competitive Compensation
- In-office Lunches
- Medical, dental, and vision benefits
- Flexible paid time off
We are changing the world of software security. Do it with us.
We believe in what we do and are passionate about helping our customers secure their business.
If you’re looking for a challenge and want to enjoy where you work, you’ll love Contrast Security. Contrast Security is committed to a diverse and inclusive workplace. Contrast Security is an equal opportunity employer and our team is comprised of individuals from many diverse backgrounds, lifestyles, and locations. By submitting your application, you are providing Personal Information about yourself (cover letter, resume, email address, etc.) and hereby give your consent for Contrast Security, Inc. and/or our HR-related Service Providers, to use this information for the purpose of processing, evaluating and responding to your application for current and future career opportunities. If you are a resident of the European Economic Area or are applying for a position in the European Economic Area, Contrast’s Privacy Statement reflects our policies around compliance with the General Data Protection Regulation (“GDPR”) and your rights respective to GDPR.As a California resident, you are entitled to certain rights under CCPA: The California Consumer Privacy Act of 2018 (“CCPA”) will go into effect on January 1, 2020. Under CCPA, businesses must be overtly transparent about the personal information they collect, use, and store on California residents. CCPA also gives employees, applicants, independent contractors, emergency contacts and dependents (“CA Employee”) new rights to privacy.