Security Researcher
Vercel
Job highlights
Summary
Join Vercel as a Security Researcher and strengthen our security posture by focusing on vulnerability research in open-source projects like Next.js. You will spearhead efforts to discover and mitigate security threats, develop framework-specific WAF rule packs, and provide actionable guidance to customers. This role involves representing Vercel at industry conferences, creating educational materials, and collaborating with various teams. You will work to improve product security by aligning product improvements with customer needs and maximizing application security through Vercel's native features. Your contributions will help establish Vercel as a leader in application security and proactive threat mitigation. This is a customer-centric role requiring strong communication and collaboration skills.
Requirements
- Proven experience identifying, reporting, and mitigating security vulnerabilities in open-source projects
- Hands-on experience with Web Application Firewalls, ideally with rule customization and framework-specific tuning
- Ability to convey complex security concepts to both technical and non-technical audiences, including conference presentations and blog writing
- Experience working closely with engineering, marketing, and customer success teams to drive security initiatives
- Skilled in creating educational materials and supporting documentation for customers to optimize WAF configurations
- Familiarity with current security trends and emerging threats, with a proactive approach to continuous learning and application
Responsibilities
- Design WAF rule packs tailored to specific frameworks, such as Next.js, prioritizing rules that address the most relevant and framework-specific vulnerabilities
- Continuously refine these rules using real-time threat data, research findings, and customer feedback to maintain strong protection against emerging attack patterns
- Create clear documentation, guides, and best practices for Vercel's WAF to help customers understand and set up security rules that match their specific needs
- Create educational materials and host webinars or workshops that equip customers with practical knowledge on utilizing Vercel's WAF to its full potential
- Share research-based threat intelligence with customers to alert them about potential risks and provide specific recommendations for rule updates and configurations
- Work with customer success teams to identify and address high-risk customer environments, ensuring WAF configurations match each customer's unique security needs
- Work closely with Vercel’s product team to ensure that customer-facing security features align with industry standards and emerging threats, making Vercel’s WAF adaptable to various customer applications
- Share insights from vulnerability research and customer feedback to shape product roadmaps, focusing on features that improve WAF effectiveness and usability across different customer needs
- Build tools or dashboards that allow customers to self-assess and monitor the effectiveness of WAF configurations, offering insights into blocked threats, rule performance, and custom rule capabilities
- Explore opportunities for customer-driven customization of WAF rules, empowering customers to address unique vulnerabilities while maintaining a default layer of robust security
- Partner with customer success and support teams to address WAF-related inquiries, share guidance, and resolve complex security configurations
- Collect and synthesize customer feedback to continuously improve the WAF experience and address emerging needs in Vercel’s customer base
Preferred Qualifications
- Built a Web Application Firewall Security product directly as an engineer
- Achieved an Offensive Security certification and or Advanced SANS certification
Benefits
- Great compensation package and stock options
- Inclusive Healthcare Package
- Learn and Grow - we provide mentorship and send you to events that help you build your network and skills
- Flexible Time Off - Flexible vacation policy with a recommended 4-weeks per year, and paid holidays
- Remote Friendly - Work with teammates from different time zones across the globe
- We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed
Share this job:
Similar Remote Jobs
- 📍United States
- 📍United States
- 📍Worldwide
- 💰$150k-$170k📍Worldwide
- 📍Israel
- 📍Israel
- 📍United States
- 📍United States
- 📍Worldwide