Vercel9 дней назад

Product Security Engineer

Remote - United States

Обязанности

  • 01Threat Modeling & Design Review: Partner with engineering and product teams to perform threat modeling for new and existing features
  • 02Secure Code Review: Conduct secure code reviews and security assessments on products and services built with Next.js, Node.js, and our serverless backend
  • 03Open Source Security Management: Oversee Vercel’s open-source security efforts
  • 04SDLC Tooling & Automation: Evaluate, select, and integrate security tools into our Software Development Life Cycle
  • 05Bug Bounty Program Management: Own and expand Vercel’s bug bounty program
  • 06Cross-Organizational Security Initiatives: Lead and contribute to security projects that span multiple teams and disciplines
  • 07Customer-Facing Security Support: Work closely with customer success and product marketing on security-related initiatives

Требования

  • 01Experienced Security Engineer: You have 5+ years of experience in an Product Security or Product Security role (or related field)
  • 02Web Tech Stack Proficiency: Strong familiarity with JavaScript/TypeScript and Node.js runtime security
  • 03Threat Modeling & SDLC Expertise: Demonstrated ability to perform threat modeling and architectural risk analysis for complex product

Условия

  • 01In-office anchor days on Monday, Tuesday, and Friday for SF, NY, London, or Berlin-based candidates
  • 02Fully remote for candidates located beyond predetermined commuting distance