Lead Ruby Software Engineer
Baltimore, MD (Potential for Remote U.S.) /
Product & Engineering – Engineering /
Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyberattacks, heralding the new era of self-protecting software. Contrast's patented deep security instrumentation is the breakthrough technology that enables highly accurate assessment and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development, to operations, to production.
About the Position
Contrast is looking for a talented Senior Software Engineer with experience in Ruby to join our team, engineering a world-class instrumentation agent for analyzing the security of Ruby web applications.
An ideal candidate is proficient in Ruby. They have 7 years or more experience as a software engineer, with at least a portion of that spent working with Ruby and are looking to deepen their understanding of Ruby’s unique characteristics, examining the internals of the language in order to enhance inherent or introduce novel dataflow analysis.
At Contrast, we take the responsibility of writing instrumentation agents very seriously. Our customers trust us enough to run our agents directly in their applications, oftentimes in their production environments. We're looking for a responsible engineer to exercise that power carefully, to help us build a quality, thoroughly tested agent that our customers run with complete confidence.
**will require travel to an off-site event on an annual basis - Potential for Remote**
- Building, shipping, curating, and iterating on features supported by the agent
- Define and direct team in the area of performance, maintainability, and securityImproving accuracy, reliability, and resilience of the agent
- Work with architecture, design, and product teams to build amazing, jaw-dropping features
- Implementing security rules designed to detect and defend against common attack patterns and security anti-patterns
- Investigating third-party web frameworks and servers for the purpose of deriving and implementing instrumentation approaches
- Building many variations of simple to complex applications web frameworks in Ruby in order to provide robust testing of our agents
- Building many variations of simple to complex web servers in Ruby in order to provide robust testing of our agents
- Enhancing acceptance criteria for the agents including performance, integration test, unit test, and code coverage metrics
- Performing forensic investigations when the agent negatively impacts the performance or functionality of instrumented web applications
- The Ruby agent is released on RubyGems. Each member of the team is expected to take a turn to validate and then release new versions of the agent to this repository.
- You develop code in Ruby
- You have at least 7 years of industry experience as a software engineer
- You have experience with using Git, or similar code management, tooling
- You develop code with Unit and Integration level testing
- You have experience developing code with Continuous Integration and automated deployment
- You approach problems from a product perspective, thinking through how the user will interact with what you're building
- You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need
- You are a problem solver. You believe the best work is the result of finding the simplest solution to complex challenges
- You see the big picture. You understand how the code you write interacts with systems and services, both internally and externally
- Developing, or experience with, code in C
- Developing code in Ruby web frameworks
- Developing code in Ruby web servers
- Docker or another containerization
While not a requisite, it’d be helpful if you have experience with some of the following:
We are focused on building a diverse and inclusive workforce. If you’re excited about this role, but do not meet 100% of the qualifications listed above, we encourage you to apply.
What We Offer
- Competitive Compensation
- Medical, dental, and vision benefits
- 401(k) plan
- Flexible paid time off
We are changing the world of software security. Do it with us.
We believe in what we do and are passionate about helping our customers secure their business.
If you’re looking for a challenge and want to enjoy where you work, you’ll love Contrast Security.
Contrast Security is committed to a diverse and inclusive workplace. Contrast Security is an equal opportunity employer and our team is comprised of individuals from many diverse backgrounds, lifestyles, and locations.
By submitting your application, you are providing Personal Information about yourself (cover letter, resume, email address, etc.) and hereby give your consent for Contrast Security, Inc. and/or our HR-related Service Providers, to use this information for the purpose of processing, evaluating and responding to your application for current and future career opportunities. If you are a resident of the European Economic Area or are applying for a position in the European Economic Area, Contrast’s Privacy Statement reflects our policies around compliance with the General Data Protection Regulation (“GDPR”) and your rights respective to GDPR as a California resident, you are entitled to certain rights under CCPA: The California Consumer Privacy Act of 2018 (“CCPA”) will go into effect on January 1, 2020. Under CCPA, businesses must be overtly transparent about the personal information they collect, use, and store on California residents. CCPA also gives employees, applicants, independent contractors, emergency contacts and dependents (“CA Employee”) new rights to privacy.
* We could support remote work in most states except Colorado.
Recruitment Agencies: Although we value the services you provide, at this time we are not accepting resumes from agencies, headhunters, or other suppliers who have not signed a formal agreement with us.