Base Salary
$208k - $312k/yr
Responsibilities
- Perform threat modeling and design reviews for new and existing features.
- Conduct secure code reviews and security assessments on products built with Next.js and Node.js.
- Oversee open-source security efforts, including vulnerability monitoring and coordination.
- Evaluate and integrate security tools into the Software Development Life Cycle.
- Manage and expand the bug bounty program, triaging and validating vulnerability reports.
- Lead cross-organizational security initiatives and act as a security champion.
- Support customer-facing security initiatives and contribute to security documentation.
Requirements
- 5+ years of experience in a Product Security role or related field.
- Strong familiarity with JavaScript/TypeScript and Node.js runtime security.
- Demonstrated ability to perform threat modeling and architectural risk analysis.
- Hands-on experience with product security tooling and CI/CD pipeline security integration.
- Knowledge of open-source security best practices and experience with package management security.
- Exposure to bug bounty programs and vulnerability management processes.
- Solid understanding of cloud architecture and serverless environments from a security perspective.
- Proven ability to drive security initiatives and influence engineering teams.
Benefits
- Competitive compensation package, including equity.
- Inclusive Healthcare Package.
- Mentorship and opportunities to attend events for skill development.
- Flexible Time Off.
- Work-from-home budget and necessary gear provided.
