Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Vercel

Product Security Engineer

Vercel

Product Security Engineer at Vercel focusing on product security initiatives and collaborating with engineering teams. Key responsibilities include threat modeling, secure code review, and managing security programs.

Posted 6/26/2026full-timeSan Francisco • California, New York • 🇺🇸 United StatesMid-LevelSenior💰 $208,000 - $312,000 per yearWebsite

Tech Stack

Tools & technologies
CloudJavaScriptNext.jsNode.jsSDLCTypeScript

About the role

Key responsibilities & impact
  • Partner with engineering and product teams to perform threat modeling for new and existing features.
  • Conduct secure code reviews and security assessments on products and services built with Next.js, Node.js, and our serverless backend.
  • Oversee Vercel’s open-source security efforts.
  • Evaluate, select, and integrate security tools into our Software Development Life Cycle.
  • Own and expand Vercel’s bug bounty program.
  • Lead and contribute to security projects that span multiple teams and disciplines.
  • Work closely with customer success and product marketing on security-related initiatives that impact our users.

Requirements

What you’ll need
  • 5+ years of experience in an Product Security or Product Security role (or related field), with a track record of securing web products and services.
  • Strong familiarity with JavaScript/TypeScript and Node.js runtime security.
  • Demonstrated ability to perform threat modeling and architectural risk analysis for complex product.
  • Hands-on experience with product security tooling such as static product security testing (SAST), dynamic testing (DAST), dependency vulnerability scanners, and CI/CD pipeline security integration.
  • Knowledge of open-source security best practices.
  • Exposure to running or participating in a bug bounty program or vulnerability disclosure process.
  • Solid understanding of cloud architecture and serverless environments from a security perspective.
  • Proven ability to drive security initiatives and influence engineering teams to adopt best practices.

Benefits

Comp & perks
  • Competitive compensation package, including equity.
  • Inclusive Healthcare Package.
  • Learn and Grow - we provide mentorship and send you to events that help you build your network and skills.
  • Flexible Time Off.
  • We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
JavaScriptTypeScriptNode.jsthreat modelingarchitectural risk analysisstatic application security testing (SAST)dynamic application security testing (DAST)dependency vulnerability scannersCI/CD pipeline security integrationcloud architecture
Soft Skills
leadershipcollaborationinfluencecommunication