Security Researcher

3 Hours ago • All levels • $224,000 PA - $336,000 PA

Job Summary

Job Description

Vercel is looking for a Security Researcher to enhance their security measures by conducting vulnerability research, particularly focusing on Vercel-maintained open-source projects like Next.js. The role involves discovering, reporting, and mitigating security threats, developing framework-specific WAF rule packs, and improving product security by providing tailored guidance to customers. The researcher will represent Vercel at conferences, share research, and collaborate with teams to create educational materials and improve product security. The goal is to help customers maximize application security and strengthen Vercel's position in proactive threat mitigation. This involves designing WAF rule packs, creating documentation, and sharing threat intelligence. The researcher will also work on security feature enhancements, develop security tooling and self-service enablement, and collaborate with customer success teams. This work will improve WAF experience.
Must have:
  • Vulnerability research expertise in open-source projects
  • Hands-on experience with Web Application Firewalls
Good to have:
  • Built a Web Application Firewall Security product
  • Achieved an Offensive Security certification
Perks:
  • Competitive compensation package, including equity
  • Inclusive Healthcare Package
  • Mentorship and events for skill building
  • Flexible Time Off
  • Gear and WFH budget

Job Details

About Vercel:

Vercel gives developers the tools and cloud infrastructure to build, scale, and secure a faster, more personalized web. As the team behind v0, Next.js, and AI SDK, Vercel helps customers like Ramp, Supreme, PayPal, Chick-fil-A, and Under Armour build for the AI-native web.

Our mission is to enable the world to ship the best products. That starts with creating a place where everyone can do their best work. Whether you're building on our platform, supporting our customers, or shaping our story: You can just ship things.

About the Role:

Vercel is seeking a Security Researcher to strengthen our security posture through vulnerability research, particularly focusing on Vercel-maintained open-source projects like Next.js. You'll spearhead efforts to discover, report, and mitigate new security threats, develop framework-specific WAF rule packs (for Next.js, Svelte, and others), and improve product security by providing tailored, actionable guidance to our customers.

In this role, you'll represent Vercel at industry conferences, share research findings to establish thought leadership, and work closely with engineering, marketing, and customer success teams. You'll create educational materials, publish insights, and align product improvements with customer needs. This work will help customers maximize their application security through Vercel's native features while strengthening our position as a leader in application security and proactive threat mitigation.

What You Will Do:

  • Customer-Centric WAF Rule Development
    • Design WAF rule packs tailored to specific frameworks, such as Next.js, prioritizing rules that address the most relevant and framework-specific vulnerabilities.
    • Continuously refine these rules using real-time threat data, research findings, and customer feedback to maintain strong protection against emerging attack patterns.
  • Enablement through Education and Documentation
    • Create clear documentation, guides, and best practices for Vercel's WAF to help customers understand and set up security rules that match their specific needs.
    • Create educational materials and host webinars or workshops that equip customers with practical knowledge on utilizing Vercel's WAF to its full potential.
  • Proactive Threat Intelligence for Customers
    • Share research-based threat intelligence with customers to alert them about potential risks and provide specific recommendations for rule updates and configurations.
    • Work with customer success teams to identify and address high-risk customer environments, ensuring WAF configurations match each customer's unique security needs.
  • Collaborate on Security Feature Enhancements
    • Work closely with Vercel’s product team to ensure that customer-facing security features align with industry standards and emerging threats, making Vercel’s WAF adaptable to various customer applications.
    • Share insights from vulnerability research and customer feedback to shape product roadmaps, focusing on features that improve WAF effectiveness and usability across different customer needs.
  • Develop Security Tooling and Self-Service Enablement
    • Build tools or dashboards that allow customers to self-assess and monitor the effectiveness of WAF configurations, offering insights into blocked threats, rule performance, and custom rule capabilities.
    • Explore opportunities for customer-driven customization of WAF rules, empowering customers to address unique vulnerabilities while maintaining a default layer of robust security.
  • Customer Advocacy and Success Collaboration
    • Partner with customer success and support teams to address WAF-related inquiries, share guidance, and resolve complex security configurations.
    • Collect and synthesize customer feedback to continuously improve the WAF experience and address emerging needs in Vercel’s customer base.

About You:

  • Vulnerability Research Expertise: Proven experience identifying, reporting, and mitigating security vulnerabilities in open-source projects.
  • WAF Knowledge: Hands-on experience with Web Application Firewalls, ideally with rule customization and framework-specific tuning.
  • Strong Communication Skills: Ability to convey complex security concepts to both technical and non-technical audiences, including conference presentations and blog writing.
  • Cross-Functional Collaboration: Experience working closely with engineering, marketing, and customer success teams to drive security initiatives.
  • Customer Enablement Focus: Skilled in creating educational materials and supporting documentation for customers to optimize WAF configurations.
  • Industry Awareness: Familiarity with current security trends and emerging threats, with a proactive approach to continuous learning and application.

Bonus If You:

  • Built a Web Application Firewall Security product directly as an engineer
  • Achieved an Offensive Security certification and or Advanced SANS certification.

Benefits:

  • Competitive compensation package, including equity.
  • Inclusive Healthcare Package.
  • Learn and Grow - we provide mentorship and send you to events that help you build your network and skills.
  • Flexible Time Off.
  • We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.

The San Francisco, CA base pay range for this role is $224,000-$336,000. This salary range is an estimate. Actual salary will be based on job-related skills, experience, and location. The total compensation package also includes benefits and equity-based compensation. Your recruiter can share more about the specific pay range for your location during the hiring process.

Vercel is committed to fostering and empowering an inclusive community within our organization. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, national origin, citizenship, age, marital status, veteran status, disability status, or any other characteristic protected by law. Vercel encourages everyone to apply for our available positions, even if they don't necessarily check every box on the job description.

#LI-LC1

Similar Jobs

GoFundMe - Senior Software Engineer (Pricing)

GoFundMe

Buenos Aires, Buenos Aires, Argentina (On-Site)
2 Weeks ago
Vercel - Software Engineer, Accounts

Vercel

(Remote)
2 Days ago
Nolimcity - Frontend Developer with focus on UX/UI

Nolimcity

Stockholm, Stockholm County, Sweden (On-Site)
1 Week ago
Alphasense - Software Engineer II, Full Stack

Alphasense

Delhi, India (On-Site)
2 Days ago
Contentstack - Software Engineer I (ReactJS/NextJS)

Contentstack

Virar, Maharashtra, India (On-Site)
2 Weeks ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Vercel - Customer Support Engineer, EMEA

Vercel

(Remote)
2 Weeks ago
Capgemini - Sitecore Developer

Capgemini

Mumbai, Maharashtra, India (On-Site)
1 Week ago
Scale AI - Senior Software Engineer, GenAI Model Evaluation

Scale AI

San Francisco, California, United States (On-Site)
7 Months ago
Token Metrics - Senior Front End Web Developer (Remote)

Token Metrics

Medellín, Antioquia, Colombia (Remote)
6 Months ago
GoDaddy - Engineering Manager - Software Development

GoDaddy

(Remote)
2 Weeks ago
GT - Senior Frontend Engineer

GT

(Remote)
1 Month ago
Vercel - Software Engineer, CI/CD

Vercel

New York, New York, United States (On-Site)
2 Weeks ago
Alphasense - Software Engineer II, Full Stack

Alphasense

Delhi, India (On-Site)
2 Days ago
Scale AI - Senior Software Engineer, GenAI Outlier

Scale AI

San Francisco, California, United States (Hybrid)
2 Weeks ago

Get notifed when new similar jobs are uploaded

Jobs in Worldwide

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Vercel’s Frontend Cloud provides the developer experience and infrastructure to build, scale, and secure a faster, more personalized Web. Customers like Under Armour, Nintendo, The Washington Post, and Zapier use Vercel to build dynamic user experiences on the Web.

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (Hybrid)

View All Jobs

Get notified when new jobs are added by Vercel

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug