Lead secure design efforts. Partner with engineering teams on secure design and code reviews. Identify and prioritize risks early in the product lifecycle.
Build secure-by-default systems. Develop paved paths that systemically reduce risk and make secure development the easiest path for engineers.
Perform offensive security testing. Conduct penetration tests and code audits on new and existing products from an adversarial lens.
Improve our security tooling. Integrate and improve our static analysis, supply chain security, and vulnerability management capabilities across engineering pipelines.
Operate our responsible disclosure program. Run and improve our program by furthering automation, validating submissions, and coordinating remediation.
Improve our products. Write and ship code to remediate vulnerabilities in production systems and improve the security posture of WorkOS products.
Work directly with customers. Help build our customers' trust by directly engaging with their security-related questions and concerns.
Requirements
5+ years of experience in a security engineering or security-focused software engineering role.
Ability to execute across a wide range of security functions, such as security assessments, penetration testing, responsible disclosure, and security tooling integration.
Familiarity with and experience using common industry tooling.
Proven ability to identify vulnerabilities in software, demonstrated through CVEs, bug bounty, blog posts, or prior work experience.
Strong written and verbal communication skills, particularly in partnering with engineering teams.
Comfortable reading and writing code, and able to effectively leverage AI during the process.
Bonus: Experience in the authentication and identity domain.
Bonus: Experience writing production-level code, especially developing security features.
Benefits
Competitive pay
Substantial equity grants
Healthcare insurance (Medical, Dental and Vision) for you and your family