CrawlJobs Logo

Browser Security Engineer

perplexity.ai Logo

Perplexity

Location Icon

Location:
United States , San Francisco

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

210000.00 - 385000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

As Comet continues to grow as a stand-alone product and codebase, we are seeking a Browser Security Engineer to lead and own browser-specific security initiatives, including custom Chromium development, extension security, and cross-device features.

Job Responsibility:

  • Lead threat modeling and security architecture reviews for all Comet browser surfaces
  • Collaborate closely with product and engineering teams to proactively identify and mitigate browser vulnerabilities, especially issues specific to custom Chrome engineering and browser extension architecture
  • Develop security best practices, tooling, and documentation for engineers building browser-facing features
  • Serve as the security expert for topics such as Same-Origin Policy (SOP), XSS, sandboxing, browser extension permissions, and secure inter-device communication
  • Triage and resolve vulnerabilities found by external researchers (e.g., bug bounty, red-teaming partners) and the Chromium community
  • Build strong relationships with security partners and leverage their feedback for continuous improvement
  • Stay up to date on emerging browser security threats, tools, and industry trends

Requirements:

  • Prior experience in browser, application, or product security (ideally with Chrome/Chromium or other browser engine experience)
  • Deep knowledge of modern browser architectures
  • understanding of XSS, CSP, sandboxing, extension security, and WebView-specific threats
  • Experience with security reviews and threat modeling for web, mobile, and extension platforms
  • Ability to work cross-functionally with engineers, product leads, and external security researchers

Nice to have:

  • Contributions to open-source browser projects, security research, or participation in bug bounty programs
  • Experience with web and mobile threat modeling
  • Familiarity with secure sync and cross-device communication mechanisms
  • Track record of proactive security work embedded within product teams
What we offer:
  • Offers Equity
  • Full-time U.S. employees enjoy a comprehensive benefits program including equity, health, dental, vision, retirement, fitness, commuter and dependent care accounts, and more
  • Full-time employees outside the U.S. enjoy a comprehensive benefits program tailored to their region of residence

Additional Information:

Job Posted:
February 21, 2026

Employment Type:
Fulltime
Icon
Perplexity - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon
PREMIUM
More languages and countries
+ Unlock 31697 hidden job offers
Languages
English Čeština Deutsch Ελληνικά Español Français +15
Countries
United States United Kingdom India Canada Australia +
See plans
Plans from $2.99 / month

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Browser Security Engineer

Corporate Security Engineer

We are looking for a Corporate Security Engineer to work with our Security, Engi...
Location
Location
Netherlands
Salary
Salary:
Not provided
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience with automation tools and scripting
  • Familiarity with security and privacy compliance programs
  • Strong stakeholder management skills
Job Responsibility
Job Responsibility
  • Architect and secure corporate security assets and infrastructure supporting ClickHouse products and services (e.g. Google Workspace, Okta)
  • Collaborate with business operations, IT, legal, product and engineering teams to facilitate safe and secure use of company assets (e.g. user and device provisioning)
  • Develop and maintain corporate security tools and processes (endpoint security, mobile device management, vulnerability management, patch management, system hardening, vendor management, user authentication and authorization, physical security, DLP)
  • Support the ClickHouse compliance security and privacy programs including SOC 2 Type II and ISO 27001
  • Manage vendor on-boardings and secure configuration (e.g. integrations, Slack Apps, browser extensions)
  • Lead security training program
  • Collaborate with business operations on resolving ad-hoc IT and IT security tasks
  • Develop and improve insider risk program
  • Identify and respond to security issues, vulnerabilities, and incidents concerning corporate assets and users
What we offer
What we offer
  • Flexible work environment
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
Read More
Arrow Right

Corporate Security Engineer

We are looking for a Corporate Security Engineer to work with our InfoSecurity, ...
Location
Location
United Kingdom
Salary
Salary:
Not provided
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience with automation tools and scripting
  • Familiarity with security and privacy compliance programs
  • Strong stakeholder management skills
Job Responsibility
Job Responsibility
  • Architect and secure corporate security assets and infrastructure supporting ClickHouse products and services (e.g. Google Workspace, Okta)
  • Collaborate with business operations, IT, legal, product and engineering teams to facilitate safe and secure use of company assets (e.g. user and device provisioning)
  • Develop and maintain corporate security tools and processes (endpoint security, mobile device management, vulnerability management, patch management, system hardening, vendor management, user authentication and authorization, physical security, DLP)
  • Support the ClickHouse compliance security and privacy programs including SOC 2 Type II and ISO 27001
  • Manage vendor onboardings and secure configuration (e.g. integrations, Slack Apps, browser extensions)
  • Lead security training programs
  • Collaborate with business operations on resolving ad-hoc IT and IT security tasks
  • Develop and improve insider risk program
  • Identify and respond to security issues, vulnerabilities, and incidents concerning corporate assets and users
What we offer
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
Read More
Arrow Right

Corporate Security Engineer

We are looking for a Corporate Security Engineer to work with our Security, Engi...
Location
Location
United States
Salary
Salary:
169150.00 - 225000.00 USD / Year
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience with automation tools and scripting
  • Familiarity with security and privacy compliance programs
  • Strong stakeholder management skills
Job Responsibility
Job Responsibility
  • Architect and secure corporate security assets and infrastructure supporting ClickHouse products and services (e.g. Google Workspace, Okta)
  • Collaborate with business operations, IT, legal, product and engineering teams to facilitate safe and secure use of company assets (e.g. user and device provisioning)
  • Develop and maintain corporate security tools and processes (endpoint security, mobile device management, vulnerability management, patch management, system hardening, vendor management, user authentication and authorization, physical security, DLP)
  • Support the ClickHouse compliance security and privacy programs including SOC 2 Type II and ISO 27001
  • Manage vendor on-boardings and secure configuration (e.g. integrations, Slack Apps, browser extensions)
  • Lead security training program
  • Collaborate with business operations on resolving ad-hoc IT and IT security tasks
  • Develop and improve insider risk program
  • Identify and respond to security issues, vulnerabilities, and incidents concerning corporate assets and users
What we offer
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
  • Fulltime
Read More
Arrow Right

Senior Web Security Engineer, Browser Platform

Working on the Security Functional Team, you'll play a pivotal role in ensuring ...
Location
Location
Salary
Salary:
178500.00 USD / Year
duckduckgo.com Logo
DuckDuckGo
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in web or application security (performing security assessments, vulnerability research, penetration testing, or secure code review)
  • Advanced programming or scripting experience with JavaScript
  • Experience with at least one WebView technology (WebKit, WebView2, Chromium WebView, etc.) and understanding of browser security models (SOP, CSP, CORS, SameSite cookies)
  • Hands-on experience identifying and exploiting web vulnerabilities (XSS, CSRF, injection attacks, authorization flaws, etc.)
  • Familiarity with security testing tools and frameworks
  • Experience partnering and collaborating with Product Engineers, advising on security matters and helping teams ship secure code faster
  • Experience shaping how an organisation thinks about security - driving best practices, improving processes, and raising the bar across teams
Job Responsibility
Job Responsibility
  • Conduct browser security audits (special pages, DuckAI integrations, password manager, etc.)
  • Execute on SERP security mitigations (XSS prevention, tooling development to help engineers write safer code)
  • Manage application security scanning infrastructure setup (aka SAST/DAST integrations in GitHub)
  • Deliver on Internal red-team operations (simulated attack scenarios)
  • Support security triage
What we offer
What we offer
  • Offers Equity
  • Paid parental leave
  • Office setup allowance
  • Co-working allowances
  • Fulltime
Read More
Arrow Right

Senior Security Researcher

We are looking for a Security Researcher who thrives on both sides of the fence....
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
island.io Logo
Island
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in at least one of the following: security research, vulnerability research, malware analysis, threat intelligence, or detection engineering
  • Offensive security mindset with the ability to flip to the defensive side — finding attacks and building mitigations
  • Strong analytical skills — comfortable digging into unfamiliar code, protocols, or systems and figuring out how they break
  • Familiarity with operating system internals (Windows and/or macOS)
  • Hands-on experience with reverse engineering or dynamic/static analysis tools
  • Ability to write code for automation, tooling, and proof-of-concepts
  • Strong written and verbal communication — ability to write compelling research and present at conferences
Job Responsibility
Job Responsibility
  • Offensive Research: Discover new attack vectors, abuse patterns, and security gaps in browsers, web applications, OS internals, and enterprise workflows
  • Defensive Engineering: Design and implement detections, mitigations, and security policies informed by your offensive findings
  • close the loop from attack to protection
  • Vulnerability & Malware Analysis: Perform reverse engineering on malware, exploits, and obfuscated code across Windows, macOS, and browser environments
  • Web & Browser Security: Research techniques ranging from classic vulnerabilities (XSS, SSRF) to browser-specific primitives (extension abuse, DOM manipulation, same-origin bypasses)
  • Supply-Chain Security: Investigate threats in software supply chains, including browser extension marketplaces and package registries
  • Threat Intelligence: Correlate signals across multiple sources to identify malicious infrastructure and adversary TTPs
  • Public Impact: Write technical blog posts, publish research, and represent Island at major security conferences (Black Hat, DEF CON, etc.)
Read More
Arrow Right

Security Engineer

We are seeking an experienced Security Engineer to join our Platform Team. This ...
Location
Location
United States; Canada
Salary
Salary:
Not provided
stedi.com Logo
Stedi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience in engineering, working as a security engineer or in security-adjacent roles
  • Familiarity with compliance frameworks such as SOC, HIPAA, and/or HITRUST
  • 4+ years working with AWS services, including compliance and governance services like AWS Organizations, AWS CloudTrail, AWS Config, Security Hub, and GuardDuty
  • Proficiency in TypeScript
  • Ability to prioritize your work based on the needs of the business and the customers
  • High bandwidth
  • thoughtful attention to many areas simultaneously
  • Ability to context switch throughout the course of the day or week as priorities shift
  • Philosophical alignment with the Stedi Standards and the Unwritten laws of engineering
Job Responsibility
Job Responsibility
  • Develop playbooks and address security-related tasks in our AWS serverless environments
  • Drive improvements in our broader security posture, including application security, endpoint security, access management / just-in-time access, email and web gateways, browser security, and data loss prevention
  • Collaborate with product engineering teams to raise the bar for security, supporting CI/CD pipelines, dependency management, and secure application design reviews
  • Help secure and improve our AWS organization using infrastructure as code (CDK), enforcing security controls, and ensuring strong tenant isolation
  • Continuously assess vulnerabilities and perform regular risk assessments
  • Fulltime
Read More
Arrow Right

Technology Services Engineer – Endpoint Protection

Immediate need for an Endpoint Protection Tech Services Engineer to work with a ...
Location
Location
United States , Alpharetta, Georgia
Salary
Salary:
Not provided
tier4group.com Logo
Tier4 Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years in an MSP or multi-tenant environment focused on endpoint security and patch management
  • Hands-on expertise with device management tools
  • Operational experience with EDR/XDR and vulnerability tools for Endpoints including policy tuning, incident handling, and containment
  • Intermediate PowerShell for automation and reporting
  • Solid fundamentals in Windows endpoint administration, AD/Entra device compliance, networking basics and change management
  • Clear, concise communication: comfortable leading client-facing security reviews and incident updates
Job Responsibility
Job Responsibility
  • Patch management at scale: Build ringed deployment strategies, pilots, and phased rollouts
  • schedule maintenance windows
  • handle approvals/rollback
  • track patch compliance SLAs across Windows (and macOS where applicable) via various ITSM tools
  • Application & driver updates: Package, test, and deploy third-party updates (e.g., browsers, runtimes)
  • manage superdense and compatibility issues
  • EDR/XDR operations: Deploy and maintain EDR/XDR
  • configure policies, prevention/visibility settings, exclusions, device control, and rules
  • monitor detections and contain/isolate endpoints
  • Threat hunting & investigations: Use ITSM tools (Advanced Hunting / KQL) to identify IOCs, suspicious behaviors, lateral movement, and persistence
What we offer
What we offer
  • Competitive salary
  • comprehensive benefits (medical, dental, vision, life, disability, 401(k) match)
  • robust PTO
  • Impactful work: your projects directly support the systems that power healthcare delivery
  • Close collaboration with experienced engineers and IT leaders across infrastructure, cloud, and security
  • Opportunity to shape and scale project delivery practices in a growing MSP environment
  • Fulltime
Read More
Arrow Right

Senior Product Security Researcher

As a Product Security Researcher at Island, you will dive deep into the security...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
island.io Logo
Island
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of browser internals, OS security mechanisms, or application-layer security
  • Proficiency in one or more programming/scripting languages (e.g., Python, JavaScript, C/C++, Go)
  • Experience in vulnerability research, bug hunting, reverse engineering, or exploit development
  • Familiarity with common vulnerability classes (e.g. RCE, memory corruption, sandbox escapes)
  • Curiosity-driven mindset with a passion for breaking things and understanding how they work
  • Experience with fuzzing tools, debuggers, or reverse engineering frameworks is a strong plus
Job Responsibility
Job Responsibility
  • Vulnerability Research: Identify and analyze vulnerabilities in browser components, system integrations, and third-party libraries relevant to the Island Enterprise Browser
  • Security Testing & Tooling: Develop custom tooling and automation for security testing, fuzzing, and vulnerability detection tailored to our product stack
  • Threat Modeling: Collaborate with developers, architects, and the Product Security Lead to assess threat scenarios and attack surfaces for new features and integrations
  • Exploit Prototyping: Build proof-of-concepts to validate the impact and exploitability of discovered security issues
  • Collaboration & Knowledge Sharing: Support development teams in secure coding practices, and contribute to internal knowledge bases and playbooks
  • Security Research Enablement: Stay ahead of the curve by tracking current exploits, security trends, and techniques
  • attend or present at security conferences and engage with the broader security community
  • Fulltime
Read More
Arrow Right