This job post is closed and the position is probably filled. Please do not apply. Work for Auth0 and want to re-open this job? Use the edit link in the email when you posted the job!
Auth0, a global leader in Identity-as-a-Service (IDaaS), provides thousands of enterprise customers with a Universal Identity Platform for their web, mobile, IoT, and internal applications. Its extensible platform seamlessly authenticates and secures more than 2.5B logins per month, making it loved by developers and trusted by global enterprises. Auth0 has raised more than $110 million to date and continues its global growth at a rapid pace. We are consistently recognized as a great place to work based our outstanding leadership and dedication to company culture, and are looking for the best people to join our incredible team spread across more than 35 countries!\n\nAuth0 is a security company and Auth0's Security organization is in the privileged position of supporting a security-first culture for a company that wants to make the Internet safer. The Product Security team mission is to ensure that Auth0 products are as secure as our customers trust them to be. We partner closely with our Engineering and Product teams to embed security into every stage of the product life cycle.\n\nWe are looking for a Product Security Engineer with a passion for both building and breaking things to solve security problems in partnership with our Engineering teams. You will have a chance to apply your skills and passion to improve the security of our product on a daily basis.\n\n\n\n\nIn this role you will:\n\n\n\n\n* Provide security guidance to Engineering and Product teams\n\n* Build threat models and conduct risk assessments for new features and services\n\n* Perform design and code reviews (lots of them!)\n\n* Identify, triage, resolve, and manage security vulnerabilities identified in Auth0 products\n\n* Build libraries and tools to make software built at Auth0 secure by default\n\n* Make security an integral part of our CI/CD pipeline\n\n* Perform internal penetration tests and participate in red team exercises\n\n* Champion security at Auth0\n\n\n\n\n\n\n\n\n\n\nOur ideal candidate will have:\n\n\n\n\n* Strong understanding of Web application security, including hands-on exploitation skills\n\n* Familiarity with secure development practices and security testing techniques (SAST, DAST, fuzzing, etc.)\n\n* Ability to explain complex security issues and their impact to diverse audiences\n\n\n\n\n\n\n\n\n\n\nAlso nice if you have:\n\n\n\n\n* Experience running a bug bounty program\n\n* Experience with JavaScript (Node.js) development\n\n\n\n\n \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Engineer, Executive and JavaScript jobs that are similar:\n\n
$80,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.