Web Application Security Engineer - remote

Posted 3 years ago

Job Description - US/Canada/EU/UK

Brave is hiring a Web Application Security Engineer to help secure Brave’s business-critical web applications, including but not limited to Brave Search (https://search.brave.com) and Brave Publishers (https://creators.brave.com/). Your work will directly impact the future of search and other websites to be used by millions of people. This is a full-time role, reporting to our Chief Information Security officer.

Responsibilities:

  • Ongoing security code reviews and audits of various web applications
  • Triaging and fixing security issues
  • Participating in security &privacy feature-design and roadmap-planning as part of a cross-functional team

Expected qualifications:

  • Proficiency in at least two of the following: Python, JavaScript, Ruby on Rails
  • Deep understanding of the web security model and web privacy threats
  • Extensive experience with securing cloud infrastructure, especially AWS
  • Familiarity with Kubernetes
  • Frontend and backend web application development experience
  • Security auditing experience

We don’t expect anyone to have all of these additional qualities, but having one or two will probably help you work successfully at Brave:

  • Experience or comfort working in public on an open source project on GitHub
  • Experience writing/auditing C++, especially as part of Chromium or a Chromium fork
  • Rust or Golang proficiency
  • Ability to write clear technical documentation &specifications
  • Familiarity with applied cryptography
  • Passion for privacy, security, &anonymity

Benefits

  • Competitive salary
  • Unlimited PTO
  • Generous 401k plan
  • Stock option grant
  • Travel and conference budgets
  • Flexible remote work

Brave is committed to fair hiring practices and ensuring a diverse organization.