Vercel9 дней назад
Product Security Engineer
Remote - United States
Обязанности
- 01Threat Modeling & Design Review: Partner with engineering and product teams to perform threat modeling for new and existing features
- 02Secure Code Review: Conduct secure code reviews and security assessments on products and services built with Next.js, Node.js, and our serverless backend
- 03Open Source Security Management: Oversee Vercel’s open-source security efforts
- 04SDLC Tooling & Automation: Evaluate, select, and integrate security tools into our Software Development Life Cycle
- 05Bug Bounty Program Management: Own and expand Vercel’s bug bounty program
- 06Cross-Organizational Security Initiatives: Lead and contribute to security projects that span multiple teams and disciplines
- 07Customer-Facing Security Support: Work closely with customer success and product marketing on security-related initiatives
Требования
- 01Experienced Security Engineer: You have 5+ years of experience in an Product Security or Product Security role (or related field)
- 02Web Tech Stack Proficiency: Strong familiarity with JavaScript/TypeScript and Node.js runtime security
- 03Threat Modeling & SDLC Expertise: Demonstrated ability to perform threat modeling and architectural risk analysis for complex product
Условия
- 01In-office anchor days on Monday, Tuesday, and Friday for SF, NY, London, or Berlin-based candidates
- 02Fully remote for candidates located beyond predetermined commuting distance