Experienced Security Engineer

Aha! is the world's #1 product development software, serving over 1 million users worldwide. We are looking for an Experienced Security Engineer to ensure the safety, integrity, and resilience of the Aha! product and infrastructure.

Responsibilities:
- Identify, assess, and mitigate security vulnerabilities in our Ruby on Rails and React application.
- Develop, implement, and champion security best practices, policies, and standards across the engineering team.
- Conduct regular security reviews, code audits, and penetration testing (manual and automated).
- Monitor for, investigate, and respond to security incidents and alerts.
- Collaborate closely with development teams to integrate security into the software development lifecycle (SDLC).
- Stay current with emerging security threats, vulnerabilities, and technologies.

Requirements:
- Proven experience in application security, particularly within Ruby on Rails environments.
- Strong understanding of web security principles (OWASP Top 10, common vulnerabilities, etc.).
- Hands-on experience with security scanning tools, vulnerability management, and incident response.
- Familiarity with cloud security concepts (AWS preferred).
- Excellent communication skills and ability to collaborate effectively in a remote setting during North American timezones.

Ideal Candidate:
- Proactive and meticulous approach to security.
- Ability to balance security requirements with business needs and development velocity.
- Passionate about building secure and trustworthy software.

Aha! is profitable, offers excellent benefits, and has been 100% remote since inception, collaborating during North American work hours. Join us to help build lovable and secure products.