CrawlJobs Logo

Browser Security Engineer

United States, San Francisco 210000.00 - 385000.00 USD / Year · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

As Comet continues to grow as a stand-alone product and codebase, we are seeking a Browser Security Engineer to lead and own browser-specific security initiatives, including custom Chromium development, extension security, and cross-device features.

Job Responsibility

  • Lead threat modeling and security architecture reviews for all Comet browser surfaces
  • Collaborate closely with product and engineering teams to proactively identify and mitigate browser vulnerabilities, especially issues specific to custom Chrome engineering and browser extension architecture
  • Develop security best practices, tooling, and documentation for engineers building browser-facing features
  • Serve as the security expert for topics such as Same-Origin Policy (SOP), XSS, sandboxing, browser extension permissions, and secure inter-device communication
  • Triage and resolve vulnerabilities found by external researchers (e.g., bug bounty, red-teaming partners) and the Chromium community
  • Build strong relationships with security partners and leverage their feedback for continuous improvement
  • Stay up to date on emerging browser security threats, tools, and industry trends

Requirements

  • Prior experience in browser, application, or product security (ideally with Chrome/Chromium or other browser engine experience)
  • Deep knowledge of modern browser architectures
  • understanding of XSS, CSP, sandboxing, extension security, and WebView-specific threats
  • Experience with security reviews and threat modeling for web, mobile, and extension platforms
  • Ability to work cross-functionally with engineers, product leads, and external security researchers

Nice to have

  • Contributions to open-source browser projects, security research, or participation in bug bounty programs
  • Experience with web and mobile threat modeling
  • Familiarity with secure sync and cross-device communication mechanisms
  • Track record of proactive security work embedded within product teams

What we offer

  • Offers Equity
  • Full-time U.S. employees enjoy a comprehensive benefits program including equity, health, dental, vision, retirement, fitness, commuter and dependent care accounts, and more
  • Full-time employees outside the U.S. enjoy a comprehensive benefits program tailored to their region of residence

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Browser Security Engineer

8 matching positions

Senior Security Engineer - Edge Browser

The Microsoft Edge Browser Security Team is responsible for securing Edge client...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • equivalent experience
  • Experience with relevant security research along with relevant CVEs (if available) ideally in browser vulnerability discovery
  • Experience with writing basic exploits for native or web applications
  • Development and deployment of fuzz testing and/or static analysis software
Job Responsibility
Job Responsibility
  • Analyse complex issues using multiple data sources to develop insights and identify security problems and threats
  • Identify and perform research on critical security areas, collaborate across teams, design preventive solutions, and escalate impactful findings appropriately
  • Help plan and execute strategies for growing Edge’s capabilities
  • Drive initiatives to identify and mitigate security risk for our customers
  • Oversee our security response work, acting on reports from vulnerability researchers
  • Monitor and alert the security health of Edge and plan remedial actions
  • Collaborate with other security teams across Microsoft to design and develop new security mitigations and defences
  • Work closely with our partners in the Chromium community to improve browser security
  • Leverage curiosity and learn new skills to operate in a fast-paced and ever-changing environment
  • Interact with the external security community, researchers and security conference presenters
  • Fulltime
Read More
Arrow Right

Enterprise Security Engineer

As an Enterprise Security Engineer, you'll help implement and operate the securi...
Location
Location
United States
Salary
Salary:
130600.00 - 192000.00 USD / Year
doordash.com Logo
DoorDash
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2-5 years of experience in security engineering, enterprise security, IT security, or a related field
  • Hands-on experience administering identity providers (e.g., Okta) and Google Workspace, and working knowledge of modern authentication standards (SAML, OAuth 2.0, OpenID Connect, FIDO2/WebAuthn)
  • Practical experience operating EDR/XDR platforms and securing macOS, Windows, and Linux endpoints through mobile device management (MDM)
  • Hands-on experience with at least one major cloud platform (e.g., AWS, GCP)
  • Ability to write production-quality automation scripts (e.g., Python, Go) and communicate clearly in writing
Job Responsibility
Job Responsibility
  • Implement and tune core security controls that protect employees across three global brands such as phishing-resistant multi-factor authentication, conditional access, device trust, and software-as-a-service (SaaS) posture management
  • Operate the day-to-day security stack, spanning endpoint detection and response (EDR), zero-trust network access, identity-aware proxies, browser security, and data loss prevention (DLP)
  • Use AI-assisted coding tools to automate security workflows, incident response, and compliance evidence collection, verifying the output before it ships
  • Address modern SaaS risk such as shadow IT, OAuth token sprawl, and high-risk application reviews, partnering with IT and third-party risk teams
  • Help teams adopt secure-by-default baselines so that security supports their work rather than blocking it
What we offer
What we offer
  • 401(k) plan with employer matching
  • 16 weeks of paid parental leave
  • Wellness benefits
  • Commuter benefits match
  • Paid time off
  • Paid sick leave
  • Medical, dental, and vision benefits
  • 11 paid holidays
  • Disability and basic life insurance
  • Family-forming assistance
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Our mission is to protect, defend, and secure Uber’s products, infrastructure, a...
Location
Location
United States , New York; Seattle; San Francisco; Sunnyvale
Salary
Salary:
232000.00 - 258000.00 USD / Year
uber.com Logo
Uber
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS/MS Degree in Computer Science, Engineering, or a related field.
  • 7+ years of industry experience in a software development or security engineering environment.
  • Proficiency in programming languages such as Golang, Java, or Python.
  • Deep understanding of distributed systems, high-availability, and high-performance system design.
  • Hands-on experience with Endpoint Security such as EDR, secure browser, and binary authentication.
Job Responsibility
Job Responsibility
  • Security Solution Development: Design, develop, and implement software solutions to automate and scale enterprise security defenses.
  • System Architecture: Own the platform and tools for securing enterprise systems across macOS, Windows, and Linux.
  • Technical Leadership: Set technical direction for specific projects by identifying priorities, managing expectations, and considering tradeoffs.
  • Innovation: Leverage automation and AI/ML to transform enterprise defense from human-driven to AI-driven.
  • Engineering Excellence: Champion best software engineering practices and empower teams to build a culture of quality and operational excellence.
  • Cross-Functional Collaboration: Partner with IT, product, and operations teams to integrate security posture improvements across the entire environment.
What we offer
What we offer
  • Uber's bonus program
  • equity award
  • 401(k) plan
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

Mastercard is seeking candidates to join the Data Protection team with a focus o...
Location
Location
Ireland , Dublin 18
Salary
Salary:
Not provided
mastercard.com Logo
Mastercard
Expiration Date
October 10, 2026
Flip Icon
Requirements
Requirements
  • Experience operating or designing security governance or enforcement programs in large, complex environments
  • Strong understanding of information security, data protection, and risk management, particularly as applied to SaaS and third party technologies
  • Demonstrated ability to make and defend risk based decisions that balance security, policy, and business impact
  • Experience working cross functionally with Legal, Privacy, Compliance, and Technology teams
  • Ability to clearly document decisions and articulate technical and business impact to diverse audiences
  • Strong verbal and written communication skills, including executive ready summaries
  • Demonstrated technical competency in security engineering through hands on experience or relevant qualifications
  • Design and implement data models and analytics frameworks to support Shadow IT blocking decisions, escalation tracking, and governance reporting
  • Develop automated processes and dashboards to provide visibility into blocking activity, unblock requests, escalation outcomes, and trend analysis
  • Evaluate and integrate data sources (e.g., SaaS discovery tools, cloud telemetry, intake systems) to ensure accurate and timely Shadow IT decisioning data
Job Responsibility
Job Responsibility
  • Contribute to the execution of the Shadow IT and Data Protection roadmap, with primary ownership of enforcement, escalation, and governance processes
  • Develop and maintain a Shadow IT blocking strategy framework for unapproved applications, including: Blocking criteria and decision thresholds, Risk scoring aligned to data sensitivity, access, and exposure, Defined escalation paths for exceptions and high impact cases
  • Document all blocking decisions with clear business justification, technical impact assessment, and alignment to security and data protection policy
  • Establish and maintain communication protocols to notify stakeholders of application blocks, including timelines, approved alternatives, and available support resources
  • Manage unblock requests and escalations and exception processing, coordinating with Security Operations and business stakeholders to evaluate risk and determine outcomes
  • Partner with application, platform, and business teams to define paths to compliance, including remediation, onboarding to approved services, or decommissioning
  • Track and report Shadow IT metrics, including blocking trends, unblock volumes, escalation outcomes, incidents, and stakeholder satisfaction
  • Work side by side with other team members to build and mature the Shadow IT governance process, while taking lead ownership of defined processes such as: Escalations and exception handling, Cross functional coordination, Technical impact assessment, Policy alignment and enforcement
  • Build and operationalize a next generation Shadow IT governance model that provides transparency, consistency, and defensibility across the enterprise
  • Develop a way to automatically tag approved apps
  • Fulltime
Read More
Arrow Right

Security Engineer

We are seeking an experienced Security Engineer to join our Platform Team. This ...
Location
Location
United States; Canada
Salary
Salary:
Not provided
stedi.com Logo
Stedi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience in engineering, working as a security engineer or in security-adjacent roles
  • Familiarity with compliance frameworks such as SOC, HIPAA, and/or HITRUST
  • 4+ years working with AWS services, including compliance and governance services like AWS Organizations, AWS CloudTrail, AWS Config, Security Hub, and GuardDuty
  • Proficiency in TypeScript
  • Ability to prioritize your work based on the needs of the business and the customers
  • High bandwidth
  • thoughtful attention to many areas simultaneously
  • Ability to context switch throughout the course of the day or week as priorities shift
  • Philosophical alignment with the Stedi Standards and the Unwritten laws of engineering
Job Responsibility
Job Responsibility
  • Develop playbooks and address security-related tasks in our AWS serverless environments
  • Drive improvements in our broader security posture, including application security, endpoint security, access management / just-in-time access, email and web gateways, browser security, and data loss prevention
  • Collaborate with product engineering teams to raise the bar for security, supporting CI/CD pipelines, dependency management, and secure application design reviews
  • Help secure and improve our AWS organization using infrastructure as code (CDK), enforcing security controls, and ensuring strong tenant isolation
  • Continuously assess vulnerabilities and perform regular risk assessments
  • Fulltime
Read More
Arrow Right

Senior Associate Network Security Engineer

The role is responsible for implementing the organization’s information security...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
amgen.com Logo
Amgen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master’s degree or Bachelor’s degree in Computer Science, Business, Engineering, IT or related field
  • 5+ years of experience in network or network security or related field
  • In-depth knowledge of enterprise network operations, firewall operations, intrusion detection & prevention, web proxy, and IPSec/SSL-VPN/ZTNA
  • Demonstrated ability of troubleshooting complex solutions
  • Documentation using Lucid, Visio, or other diagraming software
  • Change control processes using enterprise software like Remedy or Service Now
  • NSE 4 (required)
  • Netskope Security Cloud Operation and Administration (required)
  • Strong English verbal and written communication skills
  • Excellent analytical and troubleshooting skills
Job Responsibility
Job Responsibility
  • Deploy, configure, and maintain security tools such as firewalls, IDS/IPS, WAF, DMARC, DNS, and VPN
  • Review and approve configurations for systems, networks, and applications to ensure that they meet security standards
  • Maintain and contribute to the organization’s security architecture and documentation, ensuring that it meets current and future security requirements
  • Participate in assessing security technologies and tools that align with the organization’s security strategy
  • Be knowledgeable and a voice of authority to the enterprise around network security, providing guidance, support, and mentoring to ensure the effectiveness of security operations
  • Create, modify, and remove security policies and objects within the network security toolset (Fortinet UTM, WAF, DMARC, and Netskope ZTNA) in a manner to protect Amgen’s computerized network, while providing access to enable business systems and processes
  • Troubleshoot technical issues that are related to Network Security offerings
  • Administer Enterprise Restricted Browser (Island.io) by working with Partner Enablement team to identify and grant required access to business enabling services across Amgen’s services
  • Script (Fortinet security fabric, Python) and build automation tools on an ad-hoc basis
  • Build and present knowledge sharing presentations and documentation to educate staff on network security processes
Read More
Arrow Right

Senior Application Security Engineer

We are hiring an Application Security Engineer to join our Infrastructure & Secu...
Location
Location
United States
Salary
Salary:
170000.00 - 210000.00 USD / Year
onebrief.com Logo
Onebrief
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Application Security, Cybersecurity Engineering, Software Engineering or a related field
  • U.S. citizenship required
  • A strong understanding of Linux, containerization and orchestration, and virtual machines
  • Networking fundamentals: core protocols and secure configurations
  • A deep understanding of incident response processes
  • Clear, concise writing
  • strong documentation habits and async communication
  • Core skills and technologies: Javascript/Browser security, Network Security, Firewalls, Intrusion Detection, Static Analysis, Dynamic Analysis, Container Scanning, Kubernetes, Docker, Helm, Ansible, Terraform, Linux, AWS, DoD compliance, Monitoring and Observability tools
  • 5+ years experience in Cybersecurity, Software Engineering and/or DevOps
  • Familiarity with DevOps practices, CI/CD
Job Responsibility
Job Responsibility
  • Find Vulnerabilities in our Software: Bring an attacker’s mindset to review PRs, perform code audits, and utilize static analysis to identify vulnerable code patterns
  • Fix Vulnerabilities Across the Full Stack: Think like an adversary to find, fix, prevent or patch vulnerabilities from browser to kernel
  • Improve the Security Posture of Infrastructure: Review identity and access management, logging, auditing, monitoring to help craft a layered defense
  • Make the Team Stronger: Mentor other engineers on best security practices, share news of vulnerable libraries and compromises, engage with community on active threats and trends
What we offer
What we offer
  • Equity: Share in the company's success
  • Flexible Work Environment: Remote-first organization* with flexible work hours and unlimited PTO
  • Comprehensive Health Coverage: Health, dental, vision, and life insurance
  • Retirement Plan: 401(k) plan with company match
  • Parental Leave: 8 weeks at 100% regardless of state
  • Company Retreats: Annual company summit trips
  • Home Office Budget: $1,000 per year for home office improvements
  • Fulltime
Read More
Arrow Right

Information Security Engineer

We are seeking a Information Security Engineer to serve as a technical leader in...
Location
Location
Salary
Salary:
Not provided
deel.com Logo
Deel
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in cybersecurity
  • Handson experience with security tools like EDR, SWG, CASB, ZTNA, SSPM and DLP
  • Experience managing technical vulnerability of OS and applications for endpoints using tools like CrowdStrike Spotlight, InsightVM, Tenable, Qualys.
  • Familiarity with cybersecurity frameworks and best practices, such as MITRE, NIST, CIS, ISO27001, SOC and others.
  • Experience in collaborating with internal stakeholders to rollout enterprise security solutions.
  • Understanding and having the ability to utilize Cloud platforms such as AWS, GCP, Azure to host security tooling.
  • Excellent English in both verbal and written.
Job Responsibility
Job Responsibility
  • Act as the Subject Matter Expert (SME) for Endpoint Detection and Response (EDR) tools/process including optimizing configurations/policies, developing custom threat detection rules, and proactively improving Deel’s overall security posture for remote endpoints (Mac and Windows) and cloud assets (Eg, VMs).
  • Configure, manage, and tune the full suite of security policies within SWG, CASB and ZTNA. Assist our remote colleague with seamless experience through troubleshooting end user issues as needed.
  • Continuously improve SaaS security posture with SSPM tools and processes around it. Collaborate with diverse application owners, understand security control and resolve configuration drifts for our wide range of SaaS applications from baseline.
  • Develop a rigorous review, approval, policy enforcement and auditing for browser extensions, third party OAuth applications for SaaS applications such as Google Workspace, GitHub, Jira etc to meet security and privacy standards.
  • Design, implement, and audit security policies related to enterprise browsers (Eg, Island, Chrome Enterprise etc) including controlling access to sensitive web apps, and data loss prevention (DLP) configuration, ZTNA, secure web browsing experience but not limited to.
  • implement and manage DLP policies across Endpoint, Network, SaaS Applications and Cloud assets, directly supporting the 'Crawl-Walk-Run' program phases. Ensure DLP policies meet diverse data sovereignty, privacy (GDPR, CCPA, etc.), and national regulatory requirements.
  • Run vulnerability management programs for endpoints and servers and ensure they are patched according to the policy in collaboration with stakeholders.
What we offer
What we offer
  • Stock grant opportunities dependent on your role, employment status and location
  • Additional perks and benefits based on your employment status and country
  • The flexibility of remote work, including optional WeWork access
  • Fulltime
Read More
Arrow Right