Remote
Remote
Senior
Full Time
3 months ago
💰$178,500
remotesecurityweb securitybrowser platformsenior
Requirements
- •7+ years of experience in web or application security (performing security assessments, vulnerability research, penetration testing, or secure code review)
- •Advanced programming or scripting experience with JavaScript
- •Experience with at least one WebView technology (WebKit, WebView2, Chromium WebView, etc.) and understanding of browser security models (SOP, CSP, CORS, SameSite cookies)
- •Hands-on experience identifying and exploiting web vulnerabilities (XSS, CSRF, injection attacks, authorization flaws, etc.)
- •Familiarity with security testing tools and frameworks
- •Experience partnering and collaborating with Product Engineers, advising on security matters and helping teams ship secure code faster
- •Experience shaping how an organisation thinks about security - driving best practices, improving processes, and raising the bar across teams
What You'll Do
- •Conduct browser security audits (special pages, DuckAI integrations, password manager, etc.)
- •Execute on SERP security mitigations (XSS prevention, tooling development to help engineers write safer code)
- •Manage application security scanning infrastructure setup (SAST/DAST integrations in GitHub)
- •Deliver on internal red-team operations (simulated attack scenarios)
- •Support security triage
Nice to Have
- •Experience with Swift/Kotlin/C#/JavaScript (native apps) or JavaScript/Perl/Go (search)
Benefits
- •Paid parental leave
- •Office setup allowance
- •Co-working allowances
- •Stock options
About DuckDuckGo
Independent online protection company. Get our browser with protections built-in, including our search engine that doesn’t track you.
Paoli, PA, US
250 - 500
Internet & Software