Security Analyst

Gusto is a modern, online people platform that helps small businesses take care of their teams. On top of full-service payroll, Gusto offers health insurance, 401(k)s, expert HR, and team management tools. Today, Gusto offices in Denver, San Francisco, and New York serve more than 100,000 businesses nationwide. At Gusto, we serve small businesses by giving them peace of mind and helping them build great workplaces to attract and retain the best talent. 

Gusto processes billions of dollars in payroll every month for small businesses and their employees. Our clients trust us with a huge amount of personally identifiable information (PII) and protected health information (PHI), including SSNs, EINs, salaries, home addresses, and more. Our business is largely built on trust, as a result protecting our clients’ PII and PHI is one of the top considerations in anything we do at Gusto.

Here’s what you’ll do day-to-day:

Engage & Educate (and Learn)!  As the initial contact point of contact with Security for people who have security questions or concerns you with gain exposure to different areas of Security.  You will either direct to the appropriate people and processes, or answer questions and requests directly.

OMG It’s On Fire!  Be the initial triage and start off processes when things go bad.

Discover, Track and Report: Using provided infrastructure identify vulnerabilities, follow workflow and use automation to drive processes to remediate the findings.  Report on the progress of remediation efforts.

Audit Support: Collecting and tracking artifacts needed as part of the audit process 

Improve and Document Process!  Identify processes that need to be created and improved, and make those improvements to help yourself and other team members.

Positive Company Influence! Work across the organization to affect positive security change as an collaborator, contributor, and communicator.

Automate everything! Build and deploy automation to cover our core capabilities to provide efficiency and reproducibility in results for the entire team.

Experiment, Expand, and Extract!  Turn ideas into reality securing Gusto for its customers and employees.  We support open source, and can release our good ideas (opens source, blogs, talks, etc) to show how we protect our customers and to assist teams in other companies.

You have experience and interests covering some of the following:

Good customer service, what it looks like and how to provide it.

Knowledge of security vulnerabilities and their potential impact.

Inquisitive nature and able to learn by seeking assistance when needed.

Ownership Mentality to taking on responsibility and getting things done.

Experience with incident response as a contributor or responder.

Ability to partner closely with cross-functional internal (and possibly external) stakeholders.