Senior Software Engineer, Security

Hi, we're The Browser Company 👋 and we're building a better way to use the internet.

Browsers are unique in that they are one of the only pieces of software that you share with your parents as well as your kids. Which makes sense, they're our doorway to the most important things — through them we socialize with loved ones, work on our passion projects, and explore our curiosities. But on their own, they don’t actually do a whole lot, they’re kind of just there. They don’t help us organize our messy lives or make it easier to compose our ideas. We believe that the browser could do so much more — it can empower and support the amazing things we do on the internet. That’s why we’re building one: a browser that can help us grow, create, and stay curious.

To accomplish this lofty task, we’re building a diverse team of people from different backgrounds and experiences. This isn’t optional, it’s crucial to our mission, as we need a wide range of perspectives to challenge our assumptions and shape our browser through a bold, creative lens. With that in mind, we especially encourage women, people of color, and others from historically marginalized groups to apply.

As a Software Engineer, Security at The Browser Company, you will be at the forefront of building a new security paradigm for AI-powered web interaction. As part of a pioneering team, you’ll design the security architecture for our next-generation AI assistant and lead critical R&D work to create a robust, forward-looking security framework. You’ll also support our foundational security needs, enabling us to scale safely while innovating in areas like threat modeling, AI risk mitigation, and data protection. This role will require a blend of hands-on engineering and high-level strategy, working closely with our CTO and senior architects to secure our infrastructure and build systems, and more to protect our users and their data.

Overall you will...

• Own and evolve our security strategy, balancing R&D for our AI assistant’s security framework with proactive risk mitigation for both employees and users.

• Work with the engineering team to build a new security sandbox that protects our assistant from emerging threats, ensuring secure AI interactions on the web.

• Build security critical infrastructure that powers the future of AI-powered web interactions.

• Conduct threat modeling for systems and features, especially those interfacing with untrusted sources, to preemptively mitigate security risks.

• Partner with engineers to incorporate security best practices into new features, with a focus on protecting AI functionality from prompt injections, jailbreaks, and other vulnerabilities.

• Design and manage security strategies unique to AI technologies, supporting incident responses and enhancing the assistant’s resilience.

• Develop and uphold security policies and procedures across the organization, support compliance efforts, and lead incident response.

After 1 month you will...

• Get onboarded onto the team and codebase with an onboarding buddy

• Receive a number of onboarding presentations on how we give each other feedback, the phases a startup goes through, our technical strategy, and more

• Get familiar with our application, infrastructure, data stores, and existing security policies

• Have shipped a few bug fixes and features across our codebase

• Have pair programmed with a portion of the engineering team

After 3 months you will...

• Be the point of contact for security reviews across some portion of our codebase

• Understand the AI threat landscape and mitigate major AI security hazards or prompt injections

• Deploying new security infrastructure to enable product to develop secure by default

• Have a strong grasp on our security needs and start prioritizing which projects we need to move forward

• Be regularly posting feedback about using the browser in our #dogfooding channel

After 6 months you will...

• Conduct security reviews across our server and client repositories

• Collaborate with engineers to figure out how to bake security into our architecture

• Own part of our security strategy and prioritize security projects to move forward

• Own our security policies and procedures, and ensure we adhere to them

• Support and lead security incident responses across the organization

• Be interview trained and interviewing candidates for roles at the Browser Company

• 5+ years leading large-scale security projects with a focus on security engineering.

• Proficiency in programming languages (such as Golang, Swift, Python, etc.),

• You have experience conducting security reviews for application and infrastructure changes

• You have excellent communication skills and are able to work cross-functionally with Legal and IT to develop and implement new security policies and procedures

• You care deeply about user privacy and are vigilant about mitigating risks

• You have experience working across a variety of complex codebases

• You have experience tech leading critical projects or initiatives within your team and organization

• You have at least 4 hours of overlap time with team members located in Eastern Time Zone

💰 With our flexible compensation model, employees have the ability to choose the cash-to-equity ratio that best suits their individual needs. Every offer we extend includes three options: a salary-optimized offer, an equity-optimized offer, and a balanced offer.

The annual salary range for this role is $240,000 - $300,000 USD. The actual salary range offered will vary based on experience level and interview performance.

🧘🏻‍♀️ In addition to a competitive salary and equity package, we provide every employee with the following benefits:

• comprehensive benefits package with employee medical, dental, and vision - we cover 100% of premiums for employees, and up to 95% for dependents

• 401k plan

• flexible vacation policy - on average, our team members take between 15-20 vacation days a year, plus federal holidays (holidays vary by location)

• remote-friendly working environment - our core working hours are 11 AM-2 PM Eastern Time

• 12 weeks of paid parental leave

• $1,500 USD home office stipend

• Employees based in the US also receive additional services like free annual memberships to One Medical (where available), Talkspace, Teladoc, and HealthAdvocate

The Browser Company is a well-funded, ambitious startup of about 85 people (and growing!) who are passionate about building great products. We are a remote-first, distributed team, with the option to work in office in New York. We strongly support diversity and encourage people from all backgrounds to apply. 

🚙 To read more about what we value as a company, check out Notes on Roadtrips on our blog.