Sr. Security Engineer
Brave
Technology, Information and Internet · 51-200 employees
About the role
The role involves performing security reviews, triaging security reports, and designing security-relevant code for Brave products. Additionally, the engineer will conduct penetration tests on Brave's products and infrastructure.
What they look for
Requirements
Candidates need at least 5 years of security engineering experience with proficiency in C++ and the Web security model. Experience with AWS infrastructure, penetration testing, and collaborating via Git/GitHub is required.
Full description
Senior Security Engineer
Remote
About Brave
Brave is on a mission to protect the human right to privacy online. We’ve built a free web browser that blocks creepy third-party ads and trackers by default, a private search engine with a truly independent index, a browser-native crypto wallet, and a private ad network (opt-in!) that directly rewards you for your attention. And we’re just getting started. Already 110+ million people have switched to Brave for a faster, more private web. Millions more switch every month.
The internet is a sea of privacy-harmful ads, hackers, and echo chambers. Big Tech makes huge profits off our data, and tells us what’s true and what’s not. Brave is fighting back. Join us!
Summary
We are hiring a staff engineer on the Brave security and privacy team! You will help keep our users safe across Brave’s products, including Brave browser and Brave Search. Responsibilities include:
- Security reviews of Brave products
- Triaging and fixing security reports
- Designing and implementing security-relevant code
- Penetration tests of Brave products and infrastructure
Brave is widely-recognized as one of the best browsers for security and privacy, doing industry-leading work with a team that’s a fraction of the size of Big Tech-supported browsers.
Required qualifications
- At least 5 years experience (or equivalent) in security engineering
- Experience in penetration testing and/or security auditing
- Proficiency in C++, both implementing and reviewing
- Strong familiarity with the Web security model
- Experience securing AWS infrastructure
- Very comfortable working and communicating async with a geographically-distributed software development team
- Be comfortable diving into an extremely large, unfamiliar and complex codebase
- Be comfortable with Git and collaborating on GitHub
Preferred qualifications
- Experience contributing to large open source codebases and/or participating in open source communities
- Proficiency in Web technologies (HTML, CSS, JavaScript)
- Proficiency in Go and Rust
- DevOps experience
- Contributions to other Web browsers
- Familiarity with Chromium's architecture, especially security
- Ability to write clear technical documentation and less technical writing for blog posts or public communication.
- Be excited about privacy, anonymity, and censorship resistance!