Company hidden
4 hours ago

Staff Security Engineer (Product Security)

138 000 - 217 000$
Work format
remote (United States/Canada only)
Employment type
fulltime
Grade
principal
English
b2
Country
US, Canada

Job description

TL;DR

Staff Security Engineer (Product Security): Building, breaking, and hardening products like Firefox and hirify.global VPN by embedding security into the full SDLC, with an emphasis on proactive threat modeling, security assessments, and penetration testing. Focus on leading remediation efforts, developing automated security tests, and integrating security throughout the software development lifecycle.

Location: Remote-friendly for most locations in the US and Canada.

Salary: $138,000–$217,000 USD (ranges vary by US location tier)

Company

hirify.global is a non-profit-backed technology company focused on shaping the internet for people, making products like Firefox.

What you will do

  • Safeguard millions of users by embedding security into Firefox, hirify.global VPN, and other mission-critical products.
  • Ensure software products are secure by embedding security into the full Software Development Life Cycle (SDLC).
  • Anticipate, prioritize, and mitigate risks through proactive threat modeling, security assessments, and security testing.
  • Perform security code reviews and lead penetration testing on web, mobile, and embedded applications.
  • Develop and maintain automated security tests within CI/CD pipelines to catch vulnerabilities early.
  • Partner with engineers to integrate security throughout the software development lifecycle, providing guidance and facilitating secure releases.

Requirements

  • 5+ years of relevant hands-on experience in product and application security.
  • Proficiency in secure coding practices, application security testing (SAST, DAST), threat modeling, and vulnerability assessment.
  • Experience in one or more languages like Python, Go, Java, or JavaScript for automation and code review.
  • Familiarity with security tools like Burp Suite, Nessus, and tools for CI/CD automation.
  • Strong communication, collaboration, and problem-solving skills, with the ability to influence cross-functional teams.

Culture & Benefits

  • Generous performance-based bonus plans.
  • Rich medical, dental, and vision coverage.
  • Generous retirement contributions with 100% immediate vesting.
  • Quarterly all-company wellness days and a day off for your birthday.
  • One-time home office stipend and annual professional development budget.
  • Quarterly well-being stipend.
  • Considerable paid parental leave.
