Senior Product Security Engineer

VercelVercel·Remote(Remote - United States)
Cybersecurity
Adjust

WFA Digital Insight

As the demand for robust digital security measures continues to grow, Vercel is at the forefront with its innovative approach. With a focus on securing the AI-native web, this Senior Product Security Engineer role is particularly compelling in today's remote job market. Given the increasing importance of threat modeling and secure code review, candidates with expertise in these areas are in high demand. What sets Vercel apart is its commitment to creating a secure, developer-first platform, making this role a unique opportunity for those passionate about product security.

Job Description

About the Role

Vercel is seeking a Senior Product Security Engineer to drive critical product security initiatives across its products and platform. The core focus of this role includes threat modeling, open-source software security, secure code review, SDLC tooling, and bug bounty program management. This position supports both internal product engineering teams and customer-facing security programs, ensuring security is embedded throughout the development lifecycle.

Responsibilities

  • Threat Modeling & Design Review: Partner with engineering and product teams to perform threat modeling for new and existing features, identifying potential risks and recommending security controls or design changes.
  • Secure Code Review: Conduct secure code reviews and security assessments to ensure the security of Vercel’s products and infrastructure.

Benefits

By joining Vercel, you will be part of a team that is revolutionizing the way developers build, scale, and secure the web. This role offers the opportunity to work on high-impact projects, influence the security of open-source ecosystems, and contribute to a security-first culture within Vercel’s engineering organization.

How to Stand Out

  • To stand out, highlight your experience with threat modeling and secure code review in your resume and cover letter.
  • Be prepared to discuss your approach to secure SDLC tooling and bug bounty program management during the interview.
  • Having a portfolio that demonstrates your ability to identify and mitigate security threats will be beneficial.
  • Familiarize yourself with Vercel’s products and technology stack, including Next.js and serverless architecture, to show your enthusiasm for the role.
  • When negotiating salary, consider the industry standards for product security engineers and the value your skills bring to the company.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.