Vercel

Senior Product Security Engineer

Vercel

full-time

Posted on:

Location Type: Hybrid

Location: CaliforniaNew YorkUnited States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $196,000 - $294,000 per year

Job Level

Senior

Tech Stack

CloudJavaScriptNext.jsNode.jsSDLCTypeScript

About the role

  • Partner with engineering and product teams to perform threat modeling for new and existing features.
  • Conduct secure code reviews and security assessments on products and services built with Next.js, Node.js, and our serverless backend.
  • Oversee Vercel’s open-source security efforts.
  • Evaluate, select, and integrate security tools into our Software Development Life Cycle.
  • Own and expand Vercel’s bug bounty program.
  • Lead and contribute to security projects that span multiple teams and disciplines.
  • Work closely with customer success and product marketing on security-related initiatives that impact our users.

Requirements

  • 5+ years of experience in an Product Security or Product Security role (or related field), with a track record of securing web products and services.
  • Strong familiarity with JavaScript/TypeScript and Node.js runtime security.
  • Demonstrated ability to perform threat modeling and architectural risk analysis for complex product.
  • Hands-on experience with product security tooling such as static product security testing (SAST), dynamic testing (DAST), dependency vulnerability scanners, and CI/CD pipeline security integration.
  • Knowledge of open-source security best practices.
  • Exposure to running or participating in a bug bounty program or vulnerability disclosure process.
  • Solid understanding of cloud architecture and serverless environments from a security perspective.
  • Proven ability to drive security initiatives and influence engineering teams to adopt best practices.
Benefits
  • Competitive compensation package, including equity.
  • Inclusive Healthcare Package.
  • Learn and Grow - we provide mentorship and send you to events that help you build your network and skills.
  • Flexible Time Off.
  • We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
JavaScriptTypeScriptNode.jsthreat modelingarchitectural risk analysisstatic application security testing (SAST)dynamic application security testing (DAST)dependency vulnerability scannersCI/CD pipeline securitycloud architecture
Soft Skills
leadershipcollaborationinfluencecommunication