Hi. We’re looking for an awesome Rails Developer to join our growing team. If you’ve ever wanted to work for a interesting security startup with great people this is your chance. We’re a little different than your average startup so we put together this FAQ.
Q: Ok who are you guys?
A: Stratum is comprised of some really smart security hackers who were tired of working for large companies. There are people here from MITRE, HP, Fortify, RSA, Verizon Business, Cybertrust, and others. We wanted to do the small company thing and it’s worked well for us. This is our second new product launch. Our first was ThreatSim, which was very successful and taught us many lessons.
Q: What would I be working on?
A: You’d be working on our data exfiltration testing platform, XFIL, which simulates data exfiltration techniques often used by hackers and helps customers identify areas for improvement in their egress controls. Let me translate that for non-security people — remember the Target hack? They lost 70-90M credit card numbers — hackers were able to get on Target’s network and transmit the data off for several months without getting noticed. The part where they transmit the data is referred to as “exfiltration”. Our service enables organizations’ to test their ability to identify a data breach in motion. As you can imagine it’s a capability every organization needs these days.
Essentially we get to think like bad guys and help our customers improve their security. It’s an interesting space to say the least. If you ever wanted to learn more about security and cutting-edge attacks, this is the place. We simulate evil AND give our customers data that they can use to protect their organization. You will spend a lot of time thinking “if I was a bad guy I’d…” then have to pivot and think “if I was a security engineer I’d…”
Q: Where is this position located?
A: Ideally we would love this position to be based out of our office in Herndon, VA. This is a key role contributing to a new product offering. The opportunity to interact with our team will be valuable. However, we are still open to non-local candidates. We’ve had great experience with remote developers over the years. While not required — please let us know if you are open to relocation at some point.
Q: What will my day to day be like as a developer?
A: This depends on whether you are based out of our office or remote. In either scenario, you work on new features, enhancements, and issues to ensure that XFIL continues to be awesome. You keep in touch with the team using Slack, Skype, https://www.join.me, Google Hangout, and even an ol’ IP phone. Using your company provided Macbook you write code, commit to Github, and listen to your friends complain about traffic on Facebook. From time to time you may respond to a customer support ticket.
We do not require employees to be at their desk 9-5. We expect employees to be professional and get their job done — and to be available when the job requires it. XFIL is a new project, so expect a great deal of collaboration. If you work better at night, then communicate when you’ll be available, and figure out when people need you. In the end – it’s all about results.
Q: Who will I be working with?
A: Other developers, devops, sales, and maybe even customers. We’re a 20 person company so needless to say you’ll know everyone on a first name basis.
Q: What hours do you work?
A: We generally work “normal” office hours but are flexible. Most of us are on the east coast (DC area) but as long as you are in the lower 48 we’re good. We’re a startup, so sometimes there are long hours. But we all have families so we aim for a good work-life balance.
Q: What technology do you use?
A: XFIL is built entirely within Amazon Web Services. Linux, load balancers, auto-scaling, sidekiq, redis, ansible, git, Splunk, HIDS, two-factor auth, disk encryption, and a lot of cool security stuff that you probably aren’t used to seeing in a startup.
Q: What skills and qualities are you looking for in a candidate?
A: Here’s a bullet list:
– Ruby on Rails 3.0+
– Relational and non-relational databases: MySQL, Redis
– Background job processors (e.g. Sidekiq)
– Javascript frameworks (e.g. jQuery, pure JS)
– Frontend frameworks (e.g. Bootstrap)
– Client-side and server side MVC
– Comfortable with git for version control
– Continuous integration
– MS Office (hah right, could you imagine?)
The ideal candidate will be comfortable working remote and managing themselves. We’re not looking for regular employees — only apply if you have a need & desire to be involved, voice opinions, build the team/company, etc… this is start-up mode and not a 9-5 job. You will be an integral part of the team with a huge impact on the future of our product. We’re passionate about what we do and you should be too.
Q: How often do we get together in person?
A: For people local to DC we try to get together for lunch every few weeks. For those that are remote we have a few events every year (company picnic, go-kart racing, paintball, holiday party, etc.) Some of the folks here brew beer so I suspect that they hang out more often.
Q: What benefits do you offer?
A: The salary is competitive and depends on your experience. We offer the following:
– Medical, dental, and vision insurance
– SIMPLE IRA with company match
– PTO – We use the Netflix model and do not track PTO. Use what you need and be responsible are the guidelines. For those that need numbers — we tell people to work under the notion that you get 3 weeks PTO for new employees, 4 weeks for employees with us longer than a year.
– 8 federal holidays
– Choose your own laptop (hint: we like Apple products)
Apply for this position
If you are interested in helping evolve information security, tell us about yourself at careers@stratumsecurity.com. Send us your LinkedIn profile, Github repo, or anything else you feel would help us get to know you.
