Product Security Engineer
If you're based within a pre-determined commuting distance of one of our offices (SF, NY, London, or Berlin), the role includes in-office anchor days on Monday, Tuesday, and Friday. If you're located beyond that distance, the role is fully remote.
Full-Time, Senior
Salary: $208,000.00 - $312,000.00 (San Francisco base pay range; adjusted by location)
Job Details
- Experience: 5+ years
- Required Skills: Node.js, JavaScript, TypeScript, Next.js, CI/CD
Requirements
- 5+ years of experience in a Product Security role or related field.
- Strong familiarity with JavaScript/TypeScript and Node.js runtime security.
- Experience with modern web frameworks, ideally Next.js or React.
- Demonstrated ability to perform threat modeling and architectural risk analysis.
- Hands-on experience with product security tooling like SAST, DAST, and dependency scanners.
- Experience implementing secure development lifecycle practices.
- Knowledge of open-source security best practices and package management security.
- Familiarity with cloud and serverless security architectures.
- Proven ability to drive security initiatives and influence cross-functional teams.
Responsibilities
- Partner with engineering and product teams to perform threat modeling for new and existing features.
- Conduct secure code reviews and security assessments on products and services built with Next.js, Node.js, and serverless backends.
- Oversee Vercel’s open-source security efforts and coordinate vulnerability fixes for third-party packages.
- Drive the implementation of automated security checks, such as SAST and dependency scanning, into CI/CD pipelines.
- Manage and expand the bug bounty program, triaging and validating vulnerability reports.
- Lead cross-organizational security projects and champion a security-first culture across engineering teams.
- Provide security expertise for customer-facing documentation, audits, and security questionnaires.