
Senior Product Security Engineer
Vercel
full-time
Posted on:
Location Type: Hybrid
Location: California • New York • United States
Visit company websiteExplore more
Salary
💰 $196,000 - $294,000 per year
Job Level
About the role
- Partner with engineering and product teams to perform threat modeling for new and existing features.
- Conduct secure code reviews and security assessments on products and services built with Next.js, Node.js, and our serverless backend.
- Oversee Vercel’s open-source security efforts.
- Evaluate, select, and integrate security tools into our Software Development Life Cycle.
- Own and expand Vercel’s bug bounty program.
- Lead and contribute to security projects that span multiple teams and disciplines.
- Work closely with customer success and product marketing on security-related initiatives that impact our users.
Requirements
- 5+ years of experience in an Product Security or Product Security role (or related field), with a track record of securing web products and services.
- Strong familiarity with JavaScript/TypeScript and Node.js runtime security.
- Demonstrated ability to perform threat modeling and architectural risk analysis for complex product.
- Hands-on experience with product security tooling such as static product security testing (SAST), dynamic testing (DAST), dependency vulnerability scanners, and CI/CD pipeline security integration.
- Knowledge of open-source security best practices.
- Exposure to running or participating in a bug bounty program or vulnerability disclosure process.
- Solid understanding of cloud architecture and serverless environments from a security perspective.
- Proven ability to drive security initiatives and influence engineering teams to adopt best practices.
Benefits
- Competitive compensation package, including equity.
- Inclusive Healthcare Package.
- Learn and Grow - we provide mentorship and send you to events that help you build your network and skills.
- Flexible Time Off.
- We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
JavaScriptTypeScriptNode.jsthreat modelingarchitectural risk analysisstatic application security testing (SAST)dynamic application security testing (DAST)dependency vulnerability scannersCI/CD pipeline securitycloud architecture
Soft Skills
leadershipcollaborationinfluencecommunication