CrawlJobs Logo

Senior Product Security Engineer

vercel.com Logo

Vercel

Location Icon

Location:
United States

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

196000.00 - 294000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

We are looking for a Senior Product Security Engineer to join our security team to drive critical product security initiatives across Vercel’s products and platform. Your core focus will be on threat modeling, open-source software security, secure code review, SDLC tooling, and bug bounty program management. You will support both our internal product engineering teams and customer-facing security programs, ensuring that security is embedded throughout our development lifecycle and that our platform earns the trust of developers and end-users alike.

Job Responsibility:

  • Partner with engineering and product teams to perform threat modeling for new and existing features
  • Conduct secure code reviews and security assessments on products and services built with Next.js, Node.js, and our serverless backend
  • Oversee Vercel’s open-source security efforts
  • Evaluate, select, and integrate security tools into our Software Development Life Cycle
  • Own and expand Vercel’s bug bounty program
  • Lead and contribute to security projects that span multiple teams and disciplines
  • Work closely with customer success and product marketing on security-related initiatives that impact our users

Requirements:

  • 5+ years of experience in a Product Security or Product Security role (or related field)
  • Strong familiarity with JavaScript/TypeScript and Node.js runtime security
  • Experience with modern web frameworks (ideally Next.js or React and Node-based frameworks)
  • Demonstrated ability to perform threat modeling and architectural risk analysis for complex product
  • Hands-on experience with product security tooling such as static product security testing (SAST), dynamic testing (DAST), dependency vulnerability scanners, and CI/CD pipeline security integration
  • Knowledge of open-source security best practices
  • Exposure to running or participating in a bug bounty program or vulnerability disclosure process
  • Solid understanding of cloud architecture and serverless environments from a security perspective
  • Proven ability to drive security initiatives and influence engineering teams to adopt best practices

Nice to have:

  • Prior software development experience beyond security (e.g. as a frontend or backend engineer)
  • Hold relevant security certifications or recognitions (for example, OSCP, OSWE, CISSP, or notable bug bounty hall of fame entries)
  • Experience with security policy-as-code or infrastructure as code security
  • Have built or implemented security features in a product (such as authentication systems, encryption, secure CI/CD pipelines) or contributed to security community projects/tools
  • An active participant in the security community (e.g., contributing to open source security projects, writing blog posts or research, attending or speaking at security conferences)
What we offer:
  • Competitive compensation package, including equity
  • Inclusive Healthcare Package
  • Learn and Grow - we provide mentorship and send you to events that help you build your network and skills
  • Flexible Time Off
  • We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed

Additional Information:

Job Posted:
February 14, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Icon
Vercel - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Product Security Engineer

Senior Security Engineer

Atlassians can choose where they work – whether in an office, from home, or a co...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrated expertise and experience working in security-focused roles
  • Significant experience collaborating with engineering teams to conduct security assessments and threat modelling for on-premise as well as SaaS products
  • Strong expertise in cloud security, with a focus on AWS, GCP, and Azure, coupled with experience in container security, particularly in Docker and Kubernetes
  • Expertise in overseeing security design reviews for transitioning services from monolithic to microservices architecture
  • Experience coding in Java, Javascript, Python, or Go, and at least one scripting language
  • Experience leading large-scale projects from start to finish and mentoring other security practitioners
  • Adept experience providing SME knowledge and guidance to stakeholders and engineering functions
What we offer
What we offer
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime
Read More
Arrow Right

Senior Security GRC Engineer

The Senior Security GRC Engineer at Atlassian will be instrumental in implementi...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7+ years experience in a similar role, preferably in a large-scale SaaS/Product environment
  • Expertise and experience working in security-focused roles
  • Experience with application security, especially web applications
  • Experience in cloud security architecture and infrastructure
  • Experience providing SME knowledge and guidance to stakeholders and engineering functions
  • Experience working with internal/external audit and leadership teams
  • Solid knowledge of cybersecurity principles, risk management strategies, and IT governance frameworks
  • Strong communication and interpersonal skills, with the ability to interact with stakeholders at all levels and explain complex security concepts in an understandable way
  • Relevant certifications such as CISSP, CISM, or CRISC would be beneficial
  • Scripting experience to automate recurring tasks (JQL, SQL, Python, Go)
Job Responsibility
Job Responsibility
  • Deliver technical expertise and innovation, providing security guidance to teams and promoting the adoption of industry-leading methodologies to build secure products by default
  • Drive technical solutions in security and risk management
  • Leverage data analytics and visualization, deriving actionable insights from security governance, risk, and compliance data
  • Promote automation and tooling, encouraging the use of the latest security tools to enhance product security processes
  • Proactively identify and mitigate risks, recognizing potential security threats or compliance concerns specific to product security
  • Collaborate with product security teams, implementing security controls and best practices
  • Regularly evaluate and report, assessing the effectiveness of security controls
  • Influence and align stakeholders, working with security engineers and stakeholders to drive alignment on security initiatives
  • Stay informed on regulatory awareness and compliance, keeping up with the latest developments in legislative, regulatory, and industry security requirements
What we offer
What we offer
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime
Read More
Arrow Right

Senior Product Security Engineer

The Product Security team is responsible for making sure Atlassian products and ...
Location
Location
United States , San Francisco; Austin; Seattle; New York
Salary
Salary:
158100.00 - 253900.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years demonstrated expertise and experience working in security-focused roles
  • Experience with application security, especially web applications
  • Experience in cloud security architecture and infrastructure
  • Experience coding in Java, Python, or Go, and at least one scripting language
  • An ability to reason about security decisions
  • Experience leading projects from start to finish and mentoring other security practitioners
  • An ability to communicate ideas clearly and effectively to engineers who know way more than you about their code
Job Responsibility
Job Responsibility
  • Improve our vulnerability management program
  • Review our products' security posture
  • Define security best practices
  • Empower engineering teams to build secure software by default
What we offer
What we offer
  • Health coverage
  • Paid volunteer days
  • Wellness resources
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

PagerDuty is seeking a Senior Security Engineer to join our diverse, customer-fo...
Location
Location
Canada , Toronto
Salary
Salary:
137000.00 - 207000.00 CAD / Year
https://www.pagerduty.com Logo
PagerDuty
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proficiency with Application & Product Security typically associated with 4 - 5 years of experience in a Security Engineering role working with a cloud-native, microservices environment, preferably AWS
  • Familiarity with cloud-native product technologies including: Vulnerability detection via multiple approaches including SAST, DAST, SCA, and runtime (e.g., Qualys/Nessus, Wiz, Snyk, GHAS, Semgrep, etc.)
  • CI/CD technologies and integrations (e.g., CircleCI, Buildkite, Helm, Terraform, Chef)
  • Product security event logging standards and analysis tools (e.g., SIEM such as: SumoLogic, LogRythm, or Splunk, etc.)
  • Security Incident Response & Risk Management processes and tools
  • Proficiency in at least one programming language and framework (e.g. Python, Bash, Phoenix/Elixir, Java, Ruby on Rails), typically associated with 3 - 4 years of experience with the language/framework
  • Have exceptional written, oral communication, and interpersonal skills
  • Organizational skills with the ability to successfully manage multiple priorities and deadlines
Job Responsibility
Job Responsibility
  • Embrace the role of hands-on technical lead in defining product security standards and guiding platform protections
  • Establish criteria and conduct comprehensive security reviews throughout all stages of product development to identify and address security risks
  • Perform regular threat assessments, coordinate with third-party testers for penetration testing, and conduct internal penetration testing to identify and mitigate security risks
  • Mentor and guide team members to ensure product and business objectives are prioritized in project implementations, fostering a strong documentation culture with project charters and design documents
  • Work with loosely defined requirements where you exercise your analytical skills to clarify questions, share your approach, and collaborate with the team to design and implement effective security frameworks. Maintain a strong appetite for challenging problems with a high degree of ownership
  • Participate in the team’s On-Call rotation, triaging and addressing security issues as they arise, and implement measures to prevent future occurrences
  • Enable service team security implementations by developing security-as-code constructs, including infrastructure-as-code (IaC) modules, libraries and frontend components, while creating and maintaining developer-focused documentation to promote easy adoption
  • Establish and uphold baseline standards and hardened configurations for platform components
  • Continuously enhance security frameworks by focusing on product security standards and software supply chain protections, tailored for application security in cloud-native, microservices environments
What we offer
What we offer
  • Competitive salary
  • Comprehensive benefits package from day one
  • Flexible work arrangements
  • Company equity
  • ESPP (Employee Stock Purchase Program)
  • Retirement or pension plan
  • Generous paid vacation time
  • Paid holidays and sick leave
  • Dutonian Wellness Days & HibernationDuty - companywide paid days off in addition to PTO
  • Paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)
  • Fulltime
Read More
Arrow Right

Senior Product Security Engineer

Designs, develops, troubleshoots and debugs security programs for software enhan...
Location
Location
United States
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Computer Science, Information Systems, or equivalent
  • Typically 6-10 years experience in a security role
  • Extensive experience with product security for multiple software systems design tools and languages
  • Excellent analytical and problem solving skills
  • Experience in overall architecture of software systems for products and solutions
  • Designing and integrating software systems running on multiple platform types into overall security architecture
  • Evaluating forms and processes for software systems security testing and methodology, including writing and execution of test plans, debugging, and testing scripts and scanning tools
  • Excellent written and verbal communication skills
  • mastery in English and local language
Job Responsibility
Job Responsibility
  • Leads multiple projects & teams of other software systems engineers and internal and outsourced development partners to integrate security into all stages of design and development for complex products and platforms, including solution design, analysis, coding, testing, and integration
  • Manages and expands relationships with internal and outsourced development partners on software systems secure design and development
  • Reviews and evaluates designs and project activities for compliance with systems design and security guidelines and standards
  • provides tangible feedback to improve product quality and mitigate failure risk
  • Provides security expertise, leadership and perspective to cross-organization projects, programs, and activities
  • Drives innovation and integration of new technologies into projects and activities in the software systems design organization
  • Provides guidance and mentoring to less- experienced staff members
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

This role involves embedding security into software delivery pipelines, designin...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–8+ years of experience in Application Security, Product Security, or Secure Software Development
  • hands-on experience securing software delivery pipelines (CI/CD) and source code repositories (GitHub, GitLab, Jenkins)
  • knowledge of supply chain security frameworks and controls (e.g., SLSA, NIST SSDF)
  • familiarity with secrets management, artifact signing (Sigstore, Cosign), and build integrity practices
  • hands-on experience with WAF tuning, API security controls, and vulnerability remediation
  • proficiency with one or more programming languages (Python, Java, Go, JavaScript/Node.js)
  • experience with SAST, DAST, SCA, and container image scanning tools
  • cloud security experience with AWS, Azure, or GCP
  • deep understanding of OWASP Top 10 (Web + API), CWE, and secure coding practices
Job Responsibility
Job Responsibility
  • secure SDLC & DevSecOps integration
  • design and implement security controls for build and release pipelines (GitHub Actions, Jenkins, GitLab, Azure DevOps)
  • ensure code integrity via signing, artifact scanning, and build provenance
  • automate SAST, DAST, SCA, and container image scanning as part of the software delivery pipeline
  • identify and remediate misconfigurations in pipeline environments and access control
  • design, implement, and monitor WAF rules and API protections
  • perform API risk assessments
  • champion secure design patterns
  • conduct secure code reviews and support automation of testing pipelines
  • triage, prioritize, and track security issues identified in code, pipelines, and deployed environments
What we offer
What we offer
  • comprehensive suite of benefits that supports physical, financial and emotional wellbeing
  • programs catered to helping you reach career goals
  • inclusive work environment
  • Fulltime
Read More
Arrow Right

Senior AI Security Engineer

Senior AI Security Engineer role in Citi's Application, Platform and Engineering...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Production system builder with security focus - proven track record of architecting and building secure, large-scale production applications and business-facing platforms from the ground up
  • Ethical hacking and penetration testing expertise - hands-on experience finding and exploiting vulnerabilities, conducting red team exercises
  • State-of-the-art security engineering with Go, Python, JavaScript
  • HashiCorp Vault mastery - deep experience writing custom plugins, creating secrets engines, implementing dynamic credentials
  • Enterprise authentication & authorization - designing and implementing OAuth, JWT, RBAC, and complex identity systems
  • API security and threat modelling - securing REST/GraphQL APIs, conducting threat assessments
  • AI/ML security and vulnerability research - understanding of LLM vulnerabilities, model security, prompt injection attacks
  • Security automation and tooling – automating manual security processes
  • Cloud-native security - securing containerized applications in Kubernetes, service mesh security
  • Incident response and forensics - experience investigating, analyzing, and responding to security incidents
Job Responsibility
Job Responsibility
  • Build secure AI products from 0-1 - Engineer production-grade, business-facing AI platforms with security built-in from day one
  • Conduct ethical hacking and red team activities - penetration testing, vulnerability research, and attack simulation
  • Design and build security tools and frameworks - Create automated security solutions that scale across fast-paced development cycles
  • Secure novel AI attack surfaces - Identify and mitigate LLM-specific vulnerabilities, prompt injection attacks, and AI model security risks
  • Lead 'shift left' security - Embed security practices throughout rapid development lifecycle while maintaining velocity
  • Mentor security practices - Guide other engineers on secure coding, vulnerability remediation, and security-first thinking
What we offer
What we offer
  • 27 days annual leave (plus bank holidays)
  • Discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Hybrid working model (up to 2 days working at home per week)
  • Competitive base salary (annually reviewed)
  • Fulltime
Read More
Arrow Right

Senior Product Manager, Security

We are seeking an experienced Product Manager with a strong background in securi...
Location
Location
United Kingdom
Salary
Salary:
Not provided
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Engineering, or a related technical field, or equivalent practical experience
  • Minimum of 5 years of experience in product management, with a significant focus on security products or features
  • Proven experience with database security principles and best practices
  • Strong understanding of networking concepts and their implications for security
  • In-depth knowledge of identity and access management (IAM) topics
  • Demonstrated experience in quality assurance processes and methodologies
  • Solid background in program management, including planning, execution, and risk management
  • Prior experience in security engineering is required
  • Excellent communication, interpersonal, and presentation skills
  • Ability to thrive in a fast-paced, collaborative environment
Job Responsibility
Job Responsibility
  • Define and evangelize the product vision, strategy, and roadmap for security-focused features and products
  • Conduct market research, competitive analysis, and customer feedback sessions to identify opportunities and inform product decisions
  • Collaborate closely with engineering, design, sales, and marketing teams to deliver high-quality, secure products
  • Translate complex security requirements into clear, concise product specifications and user stories
  • Prioritize product backlog and manage trade-offs to optimize for business value and customer satisfaction
  • Drive product launch activities, including go-to-market strategy, sales enablement, and user documentation
  • Monitor product performance, gather insights, and iterate on product features based on data and user feedback
  • Act as a subject matter expert for security within the organization, providing guidance and insights to various stakeholders
What we offer
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy