The position.

The engineering team at Root strives to be one of the most transformative engineering teams ever. We’re changing the way an industry works by leveraging technology and data to build the best products possible. Even with our significant growth, we operate in small teams that are given ownership over projects and results. We’ve found that the people closest to the problems are the best at solving them. We’re actively hiring Engineers remotely and excited to announce that Root is a “work where it works best” company. Meaning we will support you working in whatever location that works best for you across the US. We will continue to have our headquarters in Columbus and offices in other locations to give more flexibility and more choice about how we live and work.

Root’s Information Security team is dedicated to managing information security risk within the organization, while enabling development and product teams to do their cutting-edge work, and we’re looking for an experienced Application Security Engineer to join us. In this role, you’ll be a key contributor to how Root implements DevSecOps, and be able to influence our approach and ensure what we deliver to our customer is as secure as possible.

What you’ll achieve.

  • Deliver secure, high-quality features by working closely with Product and Engineering teams
  • Coordinate and drive remediation of identified vulnerabilities and control deficiencies
  • Integrate security test automation and tooling within CI/CD pipelines
  • Coach engineers on how to find and fix security bugs, and provide guidance to developers around secure coding techniques and methods
  • Perform design and code reviews to identify risk and assist developers in improving overall product security
  • Work across teams to tackle complex security issues

What we’re looking for.

  • Deep understanding of common web and application architectures and technologies, and relevant security concepts
  • Experience with several programming paradigms and at least one common programming language/environment
  • Experience evaluating and securing web and mobile applications against common security issues (including OWASP Top 10)
  • An understanding of cloud environments and providers, as well as implementations of application security concepts within them
  • Solid knowledge of continuous integration pipelines and automating security feedback
  • Experience maturing a Secure Software Development Lifecycle using DevSecOps approaches
  • An understanding of how to take business goals into account when making technical decisions, and communicating application security and other technical concepts to non-technical stakeholders


Apply for this Job

* Required


Voluntary Self Identification

Voluntary Self ID Questionnaire (US)

Individuals seeking employment at Root Insurance are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. 

Why are we asking?

In order to track our effectiveness in recruiting a wide range of talent, we invite all applicants to self-identify demographic information. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

Self-identification categories 

  • Gender Identity: How a person identifies their gender, regardless of their gender assigned at birth. 
  • LGBTQIA: A person's sexual identity.
  • Race/Ethnicity: A person’s racial, ethnic or origin identity. 
  • Disability Status: A person’s physical or mental impairment which may limit one or more of their major life activities. Learn more here. 
  • Military Service: A person who has spent time serving in any branch of the military (retired or active). Learn more here
To which gender (or genders) do you most closely identify? Select all that apply

Do you identify as a member of the LGBTQIA+ community? (Select one)

What is your race and/or ethnicity? Please check all that apply.

Military Veteran Status (Select one)

Disability Status (Select one)