Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy
Jobs / Job page
Staff Security Software Engineer image - Rise Careers
Job details

Staff Security Software Engineer

Hi, we're The Browser Company 👋 and we're building a better way to use the internet.

Browsers are unique in that they are one of the only pieces of software that you share with your parents as well as your kids. Which makes sense, they're our doorway to the most important things — through them we socialize with loved ones, work on our passion projects, and explore our curiosities. But on their own, they don’t actually do a whole lot, they’re kind of just there. They don’t help us organize our messy lives or make it easier to compose our ideas. We believe that the browser could do so much more — it can empower and support the amazing things we do on the internet. That’s why we’re building one: a browser that can help us grow, create, and stay curious.

To accomplish this lofty task, we’re building a diverse team of people from different backgrounds and experiences. This isn’t optional, it’s crucial to our mission, as we need a wide range of perspectives to challenge our assumptions and shape our browser through a bold, creative lens. With that in mind, we especially encourage women, people of color, and others from historically marginalized groups to apply.

About The Role

As a Software Engineer, Security at The Browser Company, you will be at the forefront of building a new security paradigm for AI-powered web interaction. As part of a pioneering team, you’ll design the security architecture for our next-generation AI assistant and lead critical R&D work to create a robust, forward-looking security framework. You’ll also support our foundational security needs, enabling us to scale safely while innovating in areas like threat modeling, AI risk mitigation, and data protection. This role will require a blend of hands-on engineering and high-level strategy, working closely with our CTO and senior architects to secure our infrastructure and build systems, and more to protect our users and their data.

Overall you will...

  • Own and evolve our security strategy, balancing R&D for our AI assistant’s security framework with proactive risk mitigation for both employees and users.

  • Work with the engineering team to build a new security sandbox that protects our assistant from emerging threats, ensuring secure AI interactions on the web.

  • Build security critical infrastructure that powers the future of AI-powered web interactions.

  • Conduct threat modeling for systems and features, especially those interfacing with untrusted sources, to preemptively mitigate security risks.

  • Partner with engineers to incorporate security best practices into new features, with a focus on protecting AI functionality from prompt injections, jailbreaks, and other vulnerabilities.

  • Design and manage security strategies unique to AI technologies, supporting incident responses and enhancing the assistant’s resilience.

  • Develop and uphold security policies and procedures across the organization, support compliance efforts, and lead incident response.

After 1 month you will...

  • Get onboarded onto the team and codebase with an onboarding buddy

  • Receive a number of onboarding presentations on how we give each other feedback, the phases a startup goes through, our technical strategy, and more

  • Get familiar with our application, infrastructure, data stores, and existing security policies

  • Have shipped a few bug fixes and features across our codebase

  • Have pair programmed with a portion of the engineering team

After 3 months you will...

  • Be the point of contact for security reviews across some portion of our codebase

  • Understand the AI threat landscape and mitigate major AI security hazards or prompt injections

  • Deploying new security infrastructure to enable product to develop secure by default

  • Have a strong grasp on our security needs and start prioritizing which projects we need to move forward

  • Be regularly posting feedback about using the browser in our #dogfooding channel

After 6 months you will...

  • Conduct security reviews across our server and client repositories

  • Collaborate with engineers to figure out how to bake security into our architecture

  • Own part of our security strategy and prioritize security projects to move forward

  • Own our security policies and procedures, and ensure we adhere to them

  • Support and lead security incident responses across the organization

  • Be interview trained and interviewing candidates for roles at the Browser Company

Qualifications

  • 5+ years leading large-scale security projects with a focus on security engineering.

  • Proficiency in programming languages (such as Golang, Swift, Python, etc.),

  • You have experience conducting security reviews for application and infrastructure changes

  • You have excellent communication skills and are able to work cross-functionally with Legal and IT to develop and implement new security policies and procedures

  • You care deeply about user privacy and are vigilant about mitigating risks

  • You have experience working across a variety of complex codebases

  • You have experience tech leading critical projects or initiatives within your team and organization

  • You have at least 4 hours of overlap time with team members located in Eastern Time Zone

Compensation and Benefits

💰 With our flexible compensation model, employees have the ability to choose the cash-to-equity ratio that best suits their individual needs. Every offer we extend includes three options: a salary-optimized offer, an equity-optimized offer, and a balanced offer.

The annual salary range for this role is $240,000 - $300,000 USD. The actual salary range offered will vary based on experience level and interview performance.

🧘🏻‍♀️ In addition to a competitive salary and equity package, we provide every employee with the following benefits:

  • comprehensive benefits package with employee medical, dental, and vision - we cover 100% of premiums for employees, and up to 95% for dependents

  • 401k plan

  • flexible vacation policy - on average, our team members take between 15-20 vacation days a year, plus federal holidays (holidays vary by location)

  • remote-friendly working environment - our core working hours are 11 AM-2 PM Eastern Time

  • 12 weeks of paid parental leave

  • $1,500 USD home office stipend

  • Employees based in the US also receive additional services like free annual memberships to One Medical (where available), Talkspace, Teladoc, and HealthAdvocate

The Browser Company is a well-funded, ambitious startup of about 85 people (and growing!) who are passionate about building great products. We are a remote-first, distributed team, with the option to work in office in New York. We strongly support diversity and encourage people from all backgrounds to apply. 

🚙 To read more about what we value as a company, check out Notes on Roadtrips on our blog.

Average salary estimate

$270000 / YEARLY (est.)
min
max
$240000K
$300000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Staff Security Software Engineer, The Browser Company

Hey there! The Browser Company is on a mission to redefine how we use the internet, and we need a talent like you to join us as a Staff Security Software Engineer. Imagine a world where browsers not only serve as the gateway to our online lives but also empower users to organize their thoughts, socialize, and explore. Your role will be pivotal in crafting a security framework for our next-gen AI assistant, ensuring that both users and their data are protected. You will collaborate with our CTO and senior architects, engaging in hands-on engineering while also strategizing at high levels about our security needs. From designing security sandboxes to conducting threat modeling, your expertise will directly influence how we innovate securely. After your first month, you'll be well-acquainted with our codebase, tackling bug fixes, and contributing to a vibrant code review process. By six months in, you’ll be leading security incident responses and prioritizing critical security projects. If you have experience in security engineering, a passion for user privacy, and a knack for coding in languages like Golang or Python, we can't wait to meet you! Join us as we build a browser that goes beyond the ordinary, where security is not an afterthought but a core component of our innovative platform. Let's make the internet a better place together!

Frequently Asked Questions (FAQs) for Staff Security Software Engineer Role at The Browser Company
What responsibilities does a Staff Security Software Engineer have at The Browser Company?

At The Browser Company, a Staff Security Software Engineer is responsible for designing the security architecture for our AI-powered web interactions, balancing R&D for security frameworks while proactively mitigating risks for users and employees. You'll collaborate with engineers on building security-critical infrastructure and conduct threat modeling to preemptively address security risks, all while tailoring security strategies unique to AI technologies.

Join Rise to see the full answer
What qualifications are required for the Staff Security Software Engineer position at The Browser Company?

To become a Staff Security Software Engineer at The Browser Company, candidates need a minimum of 5 years of experience leading large-scale security projects with a focus on security engineering. Proficiency in languages like Golang, Swift, or Python, along with outstanding communication skills for cross-functional collaboration, is essential. Additionally, experience managing complex codebases and a commitment to user privacy is crucial.

Join Rise to see the full answer
What can a new Staff Security Software Engineer expect during the onboarding process at The Browser Company?

New Staff Security Software Engineers can expect a robust onboarding process at The Browser Company. You'll be paired with a buddy to help navigate through the codebase and receive several introduction sessions covering feedback culture, startup phases, technical strategy, and more. By the end of the initial month, you’ll have completed several bug fixes and shipped features, laying a solid foundation for your journey.

Join Rise to see the full answer
How does The Browser Company support diversity in the workplace for the Staff Security Software Engineer role?

The Browser Company is committed to fostering a diverse workplace where unique perspectives are valued. For the Staff Security Software Engineer position, they particularly encourage applications from women, people of color, and other historically marginalized groups. Their inclusive culture emphasizes collaboration, creativity, and respect for all backgrounds.

Join Rise to see the full answer
What benefits do Staff Security Software Engineers enjoy at The Browser Company?

Staff Security Software Engineers at The Browser Company enjoy a comprehensive benefits package that includes 100% coverage of employee medical, dental, and vision premiums, a flexible vacation policy, a 401k plan, and a $1,500 home office stipend. Additionally, there are excellent parental leave policies and access to various wellness services to ensure a healthy work-life balance.

Join Rise to see the full answer
Common Interview Questions for Staff Security Software Engineer
What strategies would you implement for the security architecture of our AI assistant at The Browser Company?

To propose effective strategies for the security architecture of the AI assistant, I would first focus on conducting a thorough threat analysis to identify potential vulnerabilities. Next, I would develop a robust security framework that includes ongoing monitoring, threat modeling, and proactive risk mitigation measures, ensuring both user safety and data protection.

Join Rise to see the full answer
Can you explain what threat modeling is and its importance in this role?

Threat modeling is the process of identifying, understanding, and addressing potential threats to a system. In the role of Staff Security Software Engineer, this is crucial as it helps anticipate security risks related to our AI functionalities and enables the development of effective mitigation strategies to safeguard user interactions.

Join Rise to see the full answer
Describe a time you led a security project. What challenges did you face?

In my previous role, I led a critical security project where we revamped the existing security framework for our application. The biggest challenge was ensuring minimal disruption during implementation while also getting buy-in from all stakeholders. I tackled this by maintaining open communication and demonstrating the long-term benefits of the new security protocols.

Join Rise to see the full answer
How would you approach integrating security best practices into the development cycle?

I would advocate for integrating security into every phase of the development cycle by promoting a culture of security awareness among developers. This includes implementing security training sessions, utilizing automated security testing tools, and regularly conducting security audits to ensure compliance with best practices.

Join Rise to see the full answer
What programming languages do you have experience with for security engineering?

I am proficient in Golang and Python, which I have used extensively for developing security tools and frameworks. I have also utilized Swift in related security applications, ensuring robust feature implementations and thorough security assessments of code.

Join Rise to see the full answer
How do you prioritize security projects that need immediate attention?

To prioritize security projects effectively, I assess the potential impact and risk of vulnerabilities, taking into consideration external threat landscapes. High-impact risks that could affect user safety or violate compliance requirements are addressed first, while also maintaining a balance with proactive security initiatives.

Join Rise to see the full answer
What experience do you have with incident response and management?

Throughout my career, I have been involved in various incident response teams where I played a key role during security breaches. I am familiar with the entire incident management lifecycle, from detection and analysis to recovery and post-incident review, ensuring that lessons learned translate into actionable security improvements.

Join Rise to see the full answer
How would you handle a security vulnerability discovered in a live system?

If a security vulnerability is discovered in a live system, I would first ensure a containment strategy is enacted to mitigate any immediate risks. Next, I would work with the team to conduct a thorough analysis of the vulnerability, follow protocols for disclosure, and implement fixes while ensuring that similar issues are preemptively addressed in the future.

Join Rise to see the full answer
What role do you think security plays in enhancing user privacy?

Security is fundamental in enhancing user privacy, as it ensures that user data is protected against unauthorized access and breaches. By implementing strong security measures, we build user trust; when users feel secure, they are more likely to engage freely with the products, promoting an overall positive user experience.

Join Rise to see the full answer
Can you describe your experience with compliance policies regarding software security?

I have extensive experience implementing compliance policies across various frameworks, including GDPR and CCPA. My role involved ensuring that our security practices aligned with legal requirements while conducting regular audits and training sessions for the team to maintain a strong culture of compliance.

Join Rise to see the full answer
Similar Jobs
Photo of the Rise User
RTX Hybrid Iowa City, IA
VIEW
Posted 22 hours ago
Photo of the Rise User
Amazon Hybrid Bellevue, WA
VIEW
Posted 10 days ago
Inclusive & Diverse
Rise from Within
Mission Driven
Diversity of Opinions
Work/Life Harmony
Transparent & Candid
Growth & Learning
Fast-Paced
Collaboration over Competition
Take Risks
Friends Outside of Work
Passion for Exploration
Customer-Centric
Reward & Recognition
Feedback Forward
Rapid Growth
Medical Insurance
Paid Time-Off
Maternity Leave
Mental Health Resources
Equity
Paternity Leave
Fully Distributed
Flex-Friendly
Some Meals Provided
Snacks
Social Gatherings
Pet Friendly
Company Retreats
Dental Insurance
Life insurance
Health Savings Account (HSA)
Photo of the Rise User
Apex Systems Remote Middletown, CT
VIEW
Posted 7 days ago
Photo of the Rise User
Auria Remote No location specified
VIEW
Posted 10 days ago
E
EXPANSIA Hybrid Warner Robins, GA
VIEW
Posted 3 days ago
Photo of the Rise User
Teck Resources Limited Hybrid Red Dog Mine
VIEW
Posted 2 days ago
Photo of the Rise User
NBCUniversal Hybrid 30 Rockefeller Plaza, New York, NEW YORK
VIEW
Posted 2 days ago
A
Auger Hybrid Bellevue
VIEW
Posted 2 days ago
Photo of the Rise User By The Browser Company

The web browser is one of the most important tools we use — not just on our computers, but in our lives. The world has changed in the past 15 years, but our web browsers look and behave pretty much th...e same. We think it’s time to push the web b...

19 jobs
MATCH
Calculating your matching score...
FUNDING
DEPARTMENTS
SENIORITY LEVEL REQUIREMENT
INDUSTRY
TEAM SIZE
LOCATION
EMPLOYMENT TYPE
Full-time, remote
DATE POSTED
December 12, 2024

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!
Show me relevant jobs ASK RISA ✨
ABOUT RISE
FOR COMPANIES
REMOTE JOBS & MORE
LOOKING FOR A JOB?
FIND A JOB NEAR ME
POPULAR JOBS
Rise logo
Privacy Policy and Terms of Service
Š 2021 Work Rise LLC. All rights reserved.
Proudly made in NYC.
CONNECT
Facebook Instagram LinkedIn Tiktok