Staff Software Engineer, Security
Remote - North America
Hi, we're The Browser Company đ and we're building a better way to use the internet.
Browsers are unique in that they are one of the only pieces of software that you share with your parents as well as your kids. Which makes sense, they're our doorway to the most important things â through them we socialize with loved ones, work on our passion projects, and explore our curiosities. But on their own, they donât actually do a whole lot, theyâre kind of just there. They donât help us organize our messy lives or make it easier to compose our ideas. We believe that the browser could do so much more â it can empower and support the amazing things we do on the internet. Thatâs why weâre building one: a browser that can help us grow, create, and stay curious.
To accomplish this lofty task, weâre building a diverse team of people from different backgrounds and experiences. This isnât optional, itâs crucial to our mission, as we need a wide range of perspectives to challenge our assumptions and shape our browser through a bold, creative lens. With that in mind, we especially encourage women, people of color, and others from historically marginalized groups to apply.
As a Software Engineer, Security at The Browser Company, you will be at the forefront of building a new security paradigm for AI-powered web interaction. As part of a pioneering team, youâll design the security architecture for our next-generation AI assistant and lead critical R&D work to create a robust, forward-looking security framework. Youâll also support our foundational security needs, enabling us to scale safely while innovating in areas like threat modeling, AI risk mitigation, and data protection. This role will require a blend of hands-on engineering and high-level strategy, working closely with our CTO and senior architects to secure our infrastructure and build systems, and more to protect our users and their data.
Overall you will...
Own and evolve our security strategy, balancing R&D for our AI assistantâs security framework with proactive risk mitigation for both employees and users.
Work with the engineering team to build a new security sandbox that protects our assistant from emerging threats, ensuring secure AI interactions on the web.
Build security critical infrastructure that powers the future of AI-powered web interactions.
Conduct threat modeling for systems and features, especially those interfacing with untrusted sources, to preemptively mitigate security risks.
Partner with engineers to incorporate security best practices into new features, with a focus on protecting AI functionality from prompt injections, jailbreaks, and other vulnerabilities.
Design and manage security strategies unique to AI technologies, supporting incident responses and enhancing the assistantâs resilience.
Develop and uphold security policies and procedures across the organization, support compliance efforts, and lead incident response.
After 1 month you will...
Get onboarded onto the team and codebase with an onboarding buddy
Receive a number of onboarding presentations on how we give each other feedback, the phases a startup goes through, our technical strategy, and more
Get familiar with our application, infrastructure, data stores, and existing security policies
Have shipped a few bug fixes and features across our codebase
Have pair programmed with a portion of the engineering team
After 3 months you will...
Be the point of contact for security reviews across some portion of our codebase
Understand the AI threat landscape and mitigate major AI security hazards or prompt injections
Deploying new security infrastructure to enable product to develop secure by default
Have a strong grasp on our security needs and start prioritizing which projects we need to move forward
Be regularly posting feedback about using the browser in our #dogfooding channel
After 6 months you will...
Conduct security reviews across our server and client repositories
Collaborate with engineers to figure out how to bake security into our architecture
Own part of our security strategy and prioritize security projects to move forward
Own our security policies and procedures, and ensure we adhere to them
Support and lead security incident responses across the organization
Be interview trained and interviewing candidates for roles at the Browser Company
5+ years leading large-scale security projects with a focus on security engineering.
Proficiency in programming languages (such as Golang, Swift, Python, etc.),
You have experience conducting security reviews for application and infrastructure changes
You have excellent communication skills and are able to work cross-functionally with Legal and IT to develop and implement new security policies and procedures
You care deeply about user privacy and are vigilant about mitigating risks
You have experience working across a variety of complex codebases
You have experience tech leading critical projects or initiatives within your team and organization
You have at least 4 hours of overlap time with team members located in Eastern Time Zone
đ° With our flexible compensation model, employees have the ability to choose the cash-to-equity ratio that best suits their individual needs. Every offer we extend includes three options: a salary-optimized offer, an equity-optimized offer, and a balanced offer.
The annual salary range for this role is $240,000 - $300,000 USD. The actual salary range offered will vary based on experience level and interview performance.
đ§đťââď¸ In addition to a competitive salary and equity package, we provide every employee with the following benefits:
comprehensive benefits package with employee medical, dental, and vision - we cover 100% of premiums for employees, and up to 95% for dependents
401k plan
flexible vacation policy - on average, our team members take between 15-20 vacation days a year, plus federal holidays (holidays vary by location)
remote-friendly working environment - our core working hours are 11 AM-2 PM Eastern Time
12 weeks of paid parental leave
$1,500 USD home office stipend
Employees based in the US also receive additional services like free annual memberships to One Medical (where available), Talkspace, Teladoc, and HealthAdvocate
The Browser Company is a well-funded, ambitious startup of about 85 people (and growing!) who are passionate about building great products. We are a remote-first, distributed team, with the option to work in office in New York. We strongly support diversity and encourage people from all backgrounds to apply.Â
đ To read more about what we value as a company, check out Notes on Roadtrips on our blog.
Job Profile
North America only
Benefits/PerksDiverse Team Diverse team environment Onboarding buddy Onboarding support Remote work
Tasks- Build security infrastructure
- Collaborate with engineers
- Conduct threat modeling
- Design security architecture
- Develop security policies
- Lead R&D for security framework
AI AI Risk Mitigation AI technologies Architecture Communication Compliance Data Protection Design Engineering Feedback Incident Response Infrastructure Onboarding Performance Proactive Risk Mitigation Python Risk mitigation Security Security Architecture Security Best Practices Security Framework Security Infrastructure Security policies Security Sandbox Software Engineering Strategy Swift Technical Strategy Threat modeling
Experience5 years