We build “You Need a Budget,” the best budgeting software and educational resources around. (Those in the know call us YNAB, which is pronounced “why-nab.”) For more than a decade, people have been buying YNAB and then telling their friends what a difference it has made in their lives. Google us, or read some of our reviews on the app store, and you’ll see what we mean. We love building something that has a huge positive impact on people’s lives.
We’ve taken the stance that it's best to make secure practices and choices a practical part of our company culture from day one. Consequently, we have a number of programs and practices in place that we’re proud of, and you can read about some of our public-facing ones in our security policy. But security is a journey, and although we have plenty of people who get obsessive about security, we’re at the point in our journey where we want someone who gets to obsess about security all day, every day. And that’s where you, our new security engineer, come in. You love helping those around you make good decisions around security and are experienced in helping build trust and comprehension around best practices. You are a critical thinker with an open mind, you reason/debate with empathy, have strong communication skills, and have deep respect for the power of collaboration.
We have one overarching requirement when it comes to joining our team: our Core Value Manifesto has to really click with you. If you’re nodding emphatically while reading this, you’ll probably like it here, and we can’t wait to connect with you!
Of course, we have some firm* requirements too, like five years of experience involved in building software, with at least 3 years dedicated to a security-focused role.
*Well, firm-ish. If you know you’re a great fit for this role but fall a little short of the five-year requirement, we encourage you to go ahead and apply. We don’t need you to be the perfect candidate on paper.
On a similar note, we know impostor syndrome can be a powerful force and may discourage fantastic people from applying. Please apply anyway. Many of us here have it too, so you’re in good company.
Okay, let’s talk about life at YNAB, and then we’ll go into detail about what we’re looking for.
You’ll naturally work with engineers, but you’ll also frequently work with everyone in our cross-functional product teams: Designers, Product Managers, and Customer Support. And since your security recommendations will often apply to how we work internally, you’ll work with employees in marketing, education, and operations too.
All of our employees have one thing in common: They’re a joy to work with. You won’t find heated arguments and raised voices here. We save our competitive spirit for YNAB’s external competitors (or the occasional spirited board/video game session), but internally we build up our teammates and celebrate their successes.
We are all keenly aware of our work's impact on customers and the company, and we recognize security and privacy are an essential part of every role, regardless of title.
So, security isn't a hard sell around here. We all work and sleep a little bit better when we know how to architect a system that is secure by design, and when we know that an errant click on that attachment isn't going to destroy the company.
And when one of us does make a security mistake, we'll admit it because we blame faulty processes, not people.
We also work really hard, together, to make working at YNAB an amazing experience, and we were (humbly) proud to be named Fortune’s #1 Best Small Company to Work For the last two years. We have a team of truly exceptional people—the kind you’ll be excited to work with. Here’s how we operate:
YNAB appreciates, respects, and trusts the expertise and judgment of our engineers. We empower them to do what they think is right.
We also work collaboratively. We continuously seek the right amount of structure and unity necessary to maximize productivity. Where it makes sense, we designate someone to make a call.
Even though our people are right a lot, it's okay to make mistakes here. Exploration and calculated risks are vital to velocity and growth. We freely admit when we're wrong. If something doesn't go as expected, we learn, bounce back, and make corrections.
You won't be alone; others will be there to help, review, reassure, and back you up. We own our processes and collective outcomes as a team.
We’ve always been a fully remote team, and have people all over the world. For this role, you’ll need to be located somewhere between the Pacific Time Zone (UTC-8) and the Central European Time Zone (UTC+1). For instance, North America and most of Europe work well. Wherever you are, just make sure you have a reliable internet connection.
We want everyone to have a full life outside of YNAB, and we seldom work more than 40 hours per week. There have been a few occasions where things got busy and people had to put some extra time in. But then they took some extra time off, so it all balances out. We work hard and smart, but we’re in this for the long haul.
We want you to take vacation. In fact, we have a minimum vacation policy of three weeks per year. Five weeks feels about right (plus two extra weeks for our company-wide December break). It’s important to get plenty of downtime and get out and do something. We’ll look forward to seeing pictures of your adventures in our #office_wall Slack channel.
When the pandemic isn’t keeping us from traveling, we get the whole team together once a year to catch up on spreadsheets and powerpoints in a Best Western conference room. Just kidding. So far, we’ve done Costa Rica, a gigantic cabin in the mountains, a beach house in the Outer Banks, a ranch in Montana, and most recently, Laguna Beach. We do really fun things at these retreats, but the highlight is inevitably just being together and having a blast.
We’re serious about helping you improve your craft. We budget for it (hey-o!). Think conferences, Lynda/Skillshare subscriptions, books, and dedicated time away from work to learn something new. We love to see our people grow.
Our team is spread across the globe, including Switzerland, Mexico, Canada, Brazil, the United Kingdom, and all over the United States. We set up team members in the US and UK as employees, and those in other countries as independent contractors.
As mentioned above, we have some time zone restrictions for this role, but as long as you're between UTC-8 and UTC+1, we’re good!
We offer excellent health, dental, and vision insurance for our US employees, where we cover 100% of the premium for you and your family. No need to check your vision, you read that right—100%. Although if you did need to check your vision, we’ve got you covered!
We also have a Traditional and Roth 401k option. YNAB matches your contributions, up to six percent of your paycheck. Matches vest immediately. (Are you a personal finance junkie like our founder Jesse? He set up YNAB’s 401k to have the lowest fee structure possible, where all plan costs are paid by YNAB, not your retirement nest egg. The investment funds available are fantastic, passively-managed, ultra-low-cost index funds. Not a PF junkie? Trust us, it’s awesome.) For UK employees, we also contribute six percent to your pension.
We also offer generous paid parental leave for all full-time team members. Here’s to increasing the world’s budgeters, one child at a time!
The starting salary range for this position is $142,000-$170,000 USD annually, depending on experience. We consider raises every year, and have a bi-annual profit-share bonus. YNAB wins, you win—that kind of thing.
If this sounds like your ideal environment, read on because now we want to talk about you. You will play a big part in building something easy and joyful to use that helps millions of people discover budgeting as an essential financial and life-planning tool. You will change lives.
When you read the following list, you’re probably going to think, “This sounds great. I could really help in these areas,” and then a few bullet points later, you’ll think, “Wait, this is too much for one person,” and that’s almost certainly true. Luckily this is only the first position we’re filling for our security team. We need your help to figure out the details, but as we learn more we can talk about growing that team where necessary. In addition, you'll have:
So although we’re searching for a security unicorn with a wide depth and breadth of knowledge, we’re not expecting you to be a magical unicorn!
You have a strong technical background with at least 5 years of experience related to building, shipping, and securing software. Ideally in a SaaS environment.
We recognize that people get into software “security” by many paths, so it’s difficult to boil our experience requirements down to a perfect list of bullet points, but you are the person we’re looking for if you:
If your path to the world of information security involved “hacking”, and you have a criminal record as a result, we’ll still consider you depending upon the circumstances. Let us know upfront so we can talk about it rather than be surprised when doing our background checks.
YNAB is an equal opportunity employer. We believe a diversity of backgrounds, beliefs, abilities, and experiences is critical to our success. We are passionate about creating a welcoming, supportive, and collaborative environment for all employees. All are encouraged to apply as we continue to grow a smart, experienced, and diverse team that loves working together to build something that matters.
We’re excited to hear from you!
P.S. If you’re not interested in this position right now, but know someone who might be, we’d appreciate you passing this along!