Basecamp is hiring a Senior Programmer on our Security · Infrastructure · Performance team to help keep our products safe, reliable, and fast until the end of the Internet. We’re accepting applications for the next two weeks with a start date in early September.
ABOUT THE JOB
You’ll pitch in on securing our Rails apps, scaling them to match their growth, keeping them fast, and ratcheting up their reliability & robustness, end to end. You’ll develop internal tooling and systems that help our Ops, Support, and Data teams run the business day to day. You’ll groom a sweet, productive app-development experience that puts a premium on designer and programmer happiness. When someone pulls the Andon Cord, you’ll help get to the very bottom of it—and identify & address the systems issue that led it.
This position is systems, security, tooling, deep-dive debugging, framework-level Rails development, web performance, and internal support, through and through. Its hallmark: getting to the bottom of it. The work draws on a broad, lumpy mix of app/security/privacy/reliability/debug engineering expertise. You can expect to grow in your strengths, versatility, and competence in this job. You can expect an inclusive, eager team who’ll support you in it, rise to challenges with you, and grow together.
Our product count outnumbers our headcount. Developing low-footprint, reliable, securable, operable, supportable apps is the prevailing wind in our sails. You will put out some fires, including incident response and remediation, but your focus will be reliability and robustness. Less-flammable apps; fewer smoldering embers; automated fire suppression. No heroics. This job isn’t about moving heaven and earth. Yes, we want to be proud of running top-flight, healthy products, but we also want to be kind, considerate, fair, flexible, and calm. Especially in crisis.
Here are some real examples of the work we’ve done lately that might help you to get a better idea of what this job entails:
- Creating Rails’ Active Storage framework and integrating it with our apps
- Dealing with a credential stuffing attack from A to Z
- Designing a live failover for cloud storage providers so we can tolerate catastrophic failure
- Building an email tracing tool so our support team can help customers track down email delivery issues
- Responding to a Rails security release by understanding the vulnerability, reproducing it, upgrading all apps, and backporting the fix to older versions of Rails
- Figuring out why certain cache hit rates unexpectedly tanked after a deploy
- Fielding a security researcher’s report of a security vulnerability, from validation to fix and awarding bounty
- Evolving our hybrid Docker-based development environment to improve ergonomics for designers & developers
- Addressing stale reads and deadlocks among concurrent web requests and background jobs
- Addressing invitation spam and signup fraud with heuristics devised in concert with our Data team
- Working with our Ops team to gracefully move petabytes of cloud storage from provider A to provider B, with full app and Active Storage support
This is a snapshot of our experience running production-grade apps and a capable, supportive team for the long haul. Your experience and background will join ours! We have worlds to learn and we’re eager to do it together. You can expect to teach us, coach us, and expect the same in return.
We’re looking for an experienced candidate who’s ready for a similar breadth and depth of work, but nobody hits the ground running. That’s a lot of different areas of responsibility! You won’t be able to answer every question immediately or know how all the systems work on day one, and we don’t expect you to. Solid fundamentals with software development, systems, troubleshooting, and teamwork pave the way.
In broad strokes, Managers of One thrive at Basecamp. We’re committed generalists, eager learners, conscientious workers, and curators of what’s essential. We’re quick to trust. We see things through. We’re kind to each other, look up to each other, and support each other. We reach for responsibility and hold ourselves accountable. We show up for the work and for each other.
We value people who can take a stand yet commit even when they disagree. And understand the value in others being heard. We subject ideas to rigorous consideration and challenge each other, but all remember that we’re here for the same purpose: to do good work together. Charging the trust battery is part of the work. That comes with direct feedback, openness to each others’ experience, and willingness to show up for each other as well as for the technical work at hand. We’re in this for the long term.
We want strong, diverse teams built from different backgrounds, experiences, and identities. We’re ready for the ongoing work that goes into building an inclusive, supportive place for you to do the best work of your career. That starts with working no more than 40 hours a week on a regular basis and getting 8+ hours of sleep a night. Our workplace and our benefits are designed to support a sustainable, healthy relationship with your work.
You can expect a mindful onboarding process with ramp-up and time to learn. You can expect a team that listens, and to be heard. You can expect to give and provide direct feedback. You can expect to be counted on. You can expect to do your best work and build a career here. We build our apps, our teams, and our company for the long haul, with a strong eye to other teams’ effectiveness & happiness, from design to support and operations. A healthy, resilient app starts with a healthy, resilient organization.
You might have a CS degree. You might not. That’s not what we’re looking for. We care about what you can do and how you do it, not about how you got here. A strong track record of conscientious, thoughtful work speaks volumes.
This is a remote job. You’re free to work where you work best, anywhere in the world: home office, coworking space, coffeeshops. While we currently have an office in Chicago, you should be comfortable working remotely—most of the company does! That hinges on effective writing and comfort with open communication. The bulk of our work is written, from pull request discussion to long-form proposals and team chats. We do require that your normal workday has at least 4 hours overlap with the Chicago workday (currently UTC-5) without impinging on your personal/family life. Our team spans UTC+2, UTC-4, UTC-5, UTC-7. The company as a whole works works from 30+ cities across 9 countries.
PAY AND BENEFITS
We benchmark our pay to the 90th percentile of San Francisco rates. Same position, same pay, no matter where you live: between $145,000 and $179,000, matched to your experience.
Benefits at Basecamp are all about helping you lead a healthy life outside of work. We won’t treat your life as dead code to be optimized away with free dinners and dry cleaning. You won’t find lures to keep you coding ever longer. Quality time to focus on work starts with quality time to think, exercise, cook a meal, be with family and friends—time to yourself.
Work can wait. We offer fully-paid parental leave. We work 4-day weeks through the summer (northern hemisphere), enjoy a yearly paid vacation, and take a one-month sabbatical every three years. We subsidize coworking, home offices, and continuing education, whether professional or hobbyist. We look out for our well-being with monthly support for CSA (locally grown produce), fitness, and massage. We match your charitable contributions. All on a foundation of top-shelf health insurance and a retirement plan with a generous match. See the full list.
HOW TO APPLY
Please send an application that speaks directly to this position. There are no right answers or cookie-cutter expectations. Show us your role in Basecamp’s future and Basecamp’s role in yours. Address some of the work we do. Introduce yourself as a colleague. Give it a deep think and take this at your speed. We’re giving you our full attention.
Send in your application here. We’re accepting applications until 2019-07-16 00:00:00 UTC. There’s no benefit to filing early or writing a novel. Keep it sharp, short, and get across what matters to you.
Next: We expect to take two weeks to review all applications. You’ll hear from us by July 31 about advancement to a written code review. You’ll submit some code you’re proud of, review it, and tell its story. Then on to an interview. Our interviews are one hour, all remote, with your future colleagues, on your schedule. We’ll talk through some of your code and some of ours. No gotchas, brainteasers, or whiteboard coding. We aim to make an offer by August 16 with a start date in early September.
We know this is a lot of work and there’s a lot on the line. It’s a significant career move to consider. We appreciate the generosity and courage that go into giving us that consideration. Our conversation starts with this post. We look forward to hearing from you.