Clerk

Product Security Engineer

Remote

Apply now

Not SpecifiedCompensation

InternshipExperience Level

Full TimeJob Type

UnknownVisa

Cybersecurity, Software Security, Product SecurityIndustries

Requirements

Candidates should possess proven experience in software security, application security, or product security roles with at least 7 years of hands-on experience, strong empathy, and expertise in proactive secure coding practices such as encryption, secrets management, and eliminating vulnerability classes. They should also have experience with reading and writing code in Go, TypeScript, or similar languages, along with familiarity with application security tooling (SAST/SCA/DAST/etc.) and experience with authentication and authorization protocols like OAuth, OpenID Connect, and SAMLFamiliarity with Supply-chain Levels for Software Artifacts (SLSA) and Cloud infrastructure platforms, preferably GCP.

Responsibilities

The Product Security Engineer will create paved roads for engineers to develop securely by default and build guardrails, conduct regular architecture reviews and code audits to detect potential threats and vulnerabilities, harden CI/CD pipelines, contribute to and improve the vulnerability management program, provide guidance and training to teammates on security best practices, collaborate with the Infrastructure team to establish secure infrastructure-as-code modules, document secure development policies and practices, and ultimately ensure the integrity of Clerk’s software artifacts.

Skills

TypeScript

Application Security

SAST

SCA

DAST

Semgrep

CodeQL

OAuth

OpenID Connect

SAML

Encryption

Secrets Management

Vulnerability Management

CI/CD Security

Security Architecture

Penetration Testing

Clerk

Authentication and user management platform

About Clerk

Clerk specializes in offering customizable UIs and APIs for authentication and user management, catering specifically to modern web frameworks like React and Next.js. This focus not only simplifies the authentication process for developers but also enhances security, highlighting the company's dedication to developer experience and robust security measures. Working here means contributing to a company that prides itself on streamlining complex tech processes while prioritizing the safety and usability of web applications—a prime choice for professionals passionate about cutting-edge web technology and user-centric solutions.

Key Metrics

Virginia Gardens, FloridaHeadquarters

2019Year Founded

$194.5KTotal Funding

SEEDCompany Stage

Enterprise Software, CybersecurityIndustries

501-1,000Employees

Benefits

Competitive salary and equity

Gear of your choice for your home office

Unlimited vacation policy - 25 days recommended per year plus national holidays in your country of residence. Take time when you need i

Risks

Emerging startups offer similar services at lower costs, increasing competition.

Potential vulnerabilities in third-party integrations could expose user data.

Regulatory scrutiny over data privacy practices may impact operations in strict regions.

Differentiation

Clerk offers a comprehensive sign-up and sign-in solution for websites.

Focus on multi-factor authentication enhances user account security against hacking threats.

Device management features provide users control over their account security.

Upsides

Passwordless authentication is gaining traction, enhancing security and user experience.

Global MFA market is projected to reach $20 billion by 2025, boosting demand.

Zero Trust security model adoption increases need for Clerk's verification solutions.

Land your dream remote job 3x faster with AI

Try Jobo Free