Software Engineer, Security

Remote /
Engineering – Infrastructure Engineering /
Full-time
Hi, we're The Browser Company 👋 and we're building a better way to use the internet.

Browsers are unique in that they are one of the only pieces of software that you share with your parents as well as your kids. Which makes sense, they're our doorway to the most important things — through them we socialize with loved ones, work on our passion projects, and explore our curiosities. But on their own, they don’t actually do a whole lot, they’re kind of just there. They don’t help us organize our messy lives or make it easier to compose our ideas. We believe that the browser could do so much more — it can empower and support the amazing things we do on the internet. That’s why we’re building one: a browser that can help us grow, create, and stay curious.

To accomplish this lofty task, we’re building a diverse team of people from different backgrounds and experiences. This isn’t optional, it’s crucial to our mission, as we need a wide range of perspectives to challenge our assumptions and shape our browser through a bold, creative lens.

With that in mind, we especially encourage women, people of color, and others from historically marginalized groups to apply.


About The Role
As our first Security Engineer at Browser Company, you will be leading our high-level security and risk-mitigation strategy, and doing a wide range of tasks such as security reviews, working with our IT firm to set up secure IT practices, writing and rolling out policies, working with our CTO and senior architects to secure our infrastructure and build systems, and more.

Overall you will...

    • Own our security strategy and be responsible for mitigating risk for employees and users
    • Be responsible for threat modeling of our system and features
    • Conduct security reviews of new, high-risk code and features that our product engineers ship
    • Work with engineers to educate them about security best-practices
    • Partner with our CTO and IT firm to roll out security improvements to our IT systems
    • Develop security policies and procedures, and roll them out across the organization
    • Audit and work with third-party vendors to ensure our data is secure
    • Work with our CTO, lawyers, and other engineers to fulfill compliance requirements
    • Manage security incident responses

After 1 month you will...

    • Get onboarded onto the team and codebase with an onboarding buddy
    • Receive a number of onboarding presentations on how we give each other feedback, the phases a startup goes through, our technical strategy, and more
    • Get familiar with our infrastructure, data stores, and existing security policies
    • Have shipped a few bug fixes and features across our codebase
    • Have pair programmed with a portion of the engineering team

After 3 months you will...

    • Be the point of contact for security reviews across some portion of our codebase
    • Be working with our retained security firm and have a strong understanding of our security roadmap
    • Be working with our IT firm to drive security-related IT initiatives
    • Have a strong grasp on our security needs and start prioritizing which projects we need to move forward
    • Be regularly posting feedback about using the browser in our #dogfooding channel

After 6 months you will...

    • Conduct security reviews across our server and client repositories
    • Collaborate with engineers to figure out how to bake security into our architecture
    • Own our security strategy and prioritize security projects to move forward
    • Own our security policies and procedures, and ensure we adhere to them
    • Ensure our infrastructure and build pipelines are secure
    • Support and lead security incident responses across the organization
    • Be interview trained and interviewing candidates for roles at the Browser Company

Qualifications

    • You have experience managing security incident responses
    • You have experience conducting security reviews for application and infrastructure changes
    • You have excellent communication skills and are able to work cross-functionally with Legal and IT to develop and implement new security policies and procedures
    • You care deeply about user privacy and are vigilant about mitigating risks
    • You have experience working across a variety of complex codebases
    • You have experience tech leading critical projects or initiatives within your team and organization
The Browser Company is a well funded, ambitious startup of about 40 people (and growing!) who are passionate about building great products. We are a remote-first, distributed team, with the option to work in office in New York. We strongly support diversity and encourage people from all backgrounds to apply.