Senior Security Software Engineer

Benefits

Additional Information

Hover helps people design, improve, and protect the properties they love. With proprietary AI built on over a decade of real property data, Hover answers age-old questions like "What will it look like?" and "What will it cost?" Homeowners, contractors, and insurance professionals rely on Hover to get fully measured, accurate, and interactive 3D models of any property - all from a smartphone scan in minutes. At Hover, we're driven by curiosity, purpose, and a shared commitment to serving our customers, communities, and each other. We believe the best ideas come from diverse perspectives and are proud to cultivate an inclusive, high-performance culture that inspires growth, accountability, and excellence. Backed by leading investors like Google Ventures and Menlo Ventures, and trusted by industry leaders including Travelers, State Farm, and Nationwide - we're redefining how people understand and interact with their spaces. Why Hover wants you As a Security Software Engineer, you will build foundational security systems that protect our users and infrastructure. You will design and implement robust, scalable security services, acting as a primary partner for engineering teams to build secure-by-design solutions into our platform. You will take ownership of core functions such as authentication (login, MFA), identity management (SCIM, RBAC), secret management, and more. Your work will be crucial in maintaining and hardening compliance (e.g., SOC 2) and protecting sensitive data across our organization. The Team: The Infrastructure and Security team at Hover ensures the scalability, reliability, and security of our platform, empowering engineers to build and deploy applications faster, safer, and with greater stability. This collaborative team is composed of engineers with expertise in cloud infrastructure, security, automation, and CI/CD best practices. We handle everything from Kubernetes environments and cloud architecture to securing user authentication and automating vulnerability detection. Our mission is to make the best path the easiest path by providing robust automation, consistent patterns, and secure-by-design principles. We partner with engineering teams to tackle challenges like managing rich geospatial and machine learning workloads, hardening cloud infrastructure, and implementing security features across our stack (Ruby, TypeScript, Docker, GCP, Terraform, and more). Team members are supported with professional growth opportunities, a strong focus on learning, and a culture that values collaboration, innovation, and the continuous improvement of You will contribute by Security Service Development : Design and build core security services (e.g., permissions management, secrets orchestration, secure MLOps). Develop secure-by-default libraries and frameworks that empower other engineering teams to write secure code. Security Infrastructure Automation : Enhance our CI/CD pipeline with automated self-serve security controls (e.g. SAST, supply chain security controls) Architecture & Code Review : Conduct secure code and architecture reviews, enforce secure-by-design principles, and lead threat modeling. System Hardening : Build and maintain resilient cloud infrastructure. Implement network isolation, automated vulnerability detection, and defense-in-depth strategies to harden our production environment. Compliance & Process : Run security incident response, document risks, and support audits. Collaboration & Education : Advise teams on security best practices, identify and solve for developer security friction points, and bring security awareness to engineering. Your background includes 5+ years of hands-on software engineering experience. 3+ years of hands-on security-focused engineering experience. Proficient in at least one programming language (Ruby, TypeScript, Python, C++, etc.) and willingness to ramp up in others. Experience building scalable security systems (e.g., secret management, service authorization, data encryption) in a production environment. Experience with threat modeling, security design reviews, or security incident response. Experience integrating security directly into the software development lifecycle (SDLC). Meticulous attention to detail; able to be the final checkpoint on security decisions. Excellent communication and collaboration skills for cross-team interactions. Ability to mentor and train engineers on secure development processes. A proactive approach to continuous learning and staying current with emerging security trends.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at hover? Share your experience