Senior Product Security Engineer at Vercel

This role is ideal for a senior security professional with at least 5 years of experience who is deeply embedded in the modern web ecosystem. You should be a JavaScript/TypeScript expert who understands the nuances of Node.js and Next.js, as you'll be securing both internal infrastructure and high-profile open-source projects. This is a high-autonomy position that blends deep technical audits with strategic leadership. The compensation is highly competitive ($196k–$294k plus equity) for a fully remote U.S. role. Working at Vercel offers unique "industry-shaping" impact, as your security decisions will influence the millions of developers using their platform and open-source tools like Next.js. You’ll also enjoy a flexible remote culture, a dedicated WFH budget, and the chance to manage a world-class bug bounty program. **You might be a good fit if you...** * Have extensive experience with threat modeling and securing serverless/cloud-native architectures. * Are comfortable conducting deep-dive secure code reviews in TypeScript and Node.js. * Enjoy collaborating with the open-source community and managing vulnerability disclosures. * Want to build automated security guardrails directly into CI/CD pipelines using tools like GitHub Advanced Security.