Clerk

Product Security Engineer

Remote

Clerk Logo
Not SpecifiedCompensation
InternshipExperience Level
Full TimeJob Type
UnknownVisa
Cybersecurity, Software Security, Product SecurityIndustries

Requirements

Candidates should possess proven experience in software security, application security, or product security roles with at least 7 years of hands-on experience, strong empathy, and expertise in proactive secure coding practices such as encryption, secrets management, and eliminating vulnerability classes. They should also have experience with reading and writing code in Go, TypeScript, or similar languages, along with familiarity with application security tooling (SAST/SCA/DAST/etc.) and experience with authentication and authorization protocols like OAuth, OpenID Connect, and SAMLFamiliarity with Supply-chain Levels for Software Artifacts (SLSA) and Cloud infrastructure platforms, preferably GCP.

Responsibilities

The Product Security Engineer will create paved roads for engineers to develop securely by default and build guardrails, conduct regular architecture reviews and code audits to detect potential threats and vulnerabilities, harden CI/CD pipelines, contribute to and improve the vulnerability management program, provide guidance and training to teammates on security best practices, collaborate with the Infrastructure team to establish secure infrastructure-as-code modules, document secure development policies and practices, and ultimately ensure the integrity of Clerk’s software artifacts.

Skills

Go
TypeScript
Application Security
SAST
SCA
DAST
Semgrep
CodeQL
OAuth
OpenID Connect
SAML
Encryption
Secrets Management
Vulnerability Management
CI/CD Security
Security Architecture
Penetration Testing

Clerk

Authentication and user management platform

About Clerk

Clerk specializes in offering customizable UIs and APIs for authentication and user management, catering specifically to modern web frameworks like React and Next.js. This focus not only simplifies the authentication process for developers but also enhances security, highlighting the company's dedication to developer experience and robust security measures. Working here means contributing to a company that prides itself on streamlining complex tech processes while prioritizing the safety and usability of web applications—a prime choice for professionals passionate about cutting-edge web technology and user-centric solutions.

Key Metrics

Virginia Gardens, FloridaHeadquarters
2019Year Founded
$194.5KTotal Funding
SEEDCompany Stage
Enterprise Software, CybersecurityIndustries
501-1,000Employees

Benefits

Competitive salary and equity
Gear of your choice for your home office
Unlimited vacation policy - 25 days recommended per year plus national holidays in your country of residence. Take time when you need i

Risks

Emerging startups offer similar services at lower costs, increasing competition.
Potential vulnerabilities in third-party integrations could expose user data.
Regulatory scrutiny over data privacy practices may impact operations in strict regions.

Differentiation

Clerk offers a comprehensive sign-up and sign-in solution for websites.
Focus on multi-factor authentication enhances user account security against hacking threats.
Device management features provide users control over their account security.

Upsides

Passwordless authentication is gaining traction, enhancing security and user experience.
Global MFA market is projected to reach $20 billion by 2025, boosting demand.
Zero Trust security model adoption increases need for Clerk's verification solutions.

Land your dream remote job 3x faster with AI