Job Summary
Drive critical product security initiatives across Vercel’s products and platform, focusing on threat modeling, open-source software security, secure code review, SDLC tooling, and bug bounty program management.
Lead cross-organizational security projects and champion a security-first culture, influencing the security of Vercel’s core infrastructure and products, as well as open-source ecosystems.
Partner with engineering and product teams to perform threat modeling, conduct secure code reviews, oversee open-source security efforts, integrate security tools into the SDLC, and manage the bug bounty program.
Skills & Requirements
Must-have
Product Security Engineering
Threat modeling and risk analysis
Secure code review
Open source security management
SDLC tooling and automation
Bug bounty program management
Nice-to-have
Security champion across organization
Empathy with developers
Security policy-as-code
Infrastructure as code security
Key Requirements
5+ years of experience in Product Security
Proficiency in JavaScript/TypeScript and Node.js
Experience with secure development lifecycle practices