about 3 hours ago
Berlin, Germany +3 moreMid Level / Senior
H1B Sponsor
Base Salary
$208k - $312k/yr
Responsibilities
- Conduct deep security assessments of framework internals to identify systemic vulnerabilities.
- Drive root-cause fixes that eliminate categories of vulnerabilities across applications.
- Manage vulnerability disclosures and coordinate CVE processes for open source projects.
- Oversee the open source bug bounty program, including triaging and validating reports.
- Collaborate with framework maintainers to integrate security into the design process.
- Develop preventive tooling to catch regressions of previously fixed vulnerabilities.
- Enhance supply chain security for open source projects and manage dependencies.
Requirements
- 4+ years of experience in security engineering with hands-on open source contributions.
- Proven experience using or breaking frameworks like Turborepo, Nuxt, or Svelte.
- Strong JavaScript/TypeScript fundamentals and familiarity with modern meta-frameworks.
- Experience with structured security assessment methodologies and responsible disclosure.
- Ability to communicate security concepts clearly to diverse audiences.
- Comfortable working transparently with external researchers and the community.
Benefits
- Competitive compensation package, including equity.
- Inclusive healthcare package.
- Mentorship and opportunities to attend events for skill development.
- Flexible time off policy.
- Provision of necessary gear and a WFH budget.
