Product Security Engineer
at Auth0
ProductFull TimeEurope
Auth0 is a pre-IPO unicorn. We are growing rapidly and looking for exceptional new team members to add to our teams and will help take us to the next level. One team, one score. 
We never compromise on identity. You should never compromise yours either. We want you to bring your whole self to Auth0. If you’re passionate, practice radical transparency to build trust and respect, and thrive when you’re collaborating, experimenting and learning – this may be your ideal work environment.  We are looking for team members that want to help us build upon what we have accomplished so far and make it better every day.  N+1 > N.
Auth0 is a security company and Auth0's Security organization is in the privileged position of supporting a security-first culture for a company that wants to make the Internet safer. The Product Security team mission is to ensure that Auth0 products are as secure as our customers trust them to be. We partner closely with our Engineering and Product teams to embed security into every stage of the product life cycle.
About the role
We are looking for a Product Security Engineer with a passion for both building and breaking things to solve security problems in partnership with our Engineering teams. You will have a chance to apply your skills and passion to improve the security of our product on a daily basis.

In this role you will:

  • Provide security guidance to Engineering and Product teams
  • Build threat models and conduct risk assessments for new features and services
  • Perform design and code reviews (lots of them!)
  • Identify, triage, resolve, and manage security vulnerabilities identified in Auth0 products
  • Build libraries and tools to make software built at Auth0 secure by default
  • Make security an integral part of our CI/CD pipeline
  • Perform internal penetration tests and participate in red team exercises
  • Champion security at Auth0

Our ideal candidate will have:

  • Strong understanding of Web application security, including hands-on exploitation skills
  • Familiarity with secure development practices and security testing techniques (SAST, DAST, fuzzing, etc.)
  • Ability to explain complex security issues and their impact to diverse audiences

Also nice if you have:

  • Experience running a bug bounty program
  • Experience with JavaScript (Node.js) development
Auth0’s mission is to help developers innovate faster. Every company is becoming a software company and developers are at the center of this shift. They need better tools and building blocks so they can stay focused on innovating. One of these building blocks is identity: authentication and authorization. That’s what we do. Our platform handles 2.5B logins per month for thousands of customers around the world. From indie makers to Fortune 500 companies, we can handle any use case.
We like to think that we are helping make the internet safer.  We have raised $210M to date and are growing quickly. Our team is spread across more than 35 countries and we are proud to continually be recognized as a great place to work. Culture is critical to us, and we are transparent about our vision and principles
Join us on this journey to make developers more productive while making the internet safer!
Apply for this job
Please mention that you come from when applying for this job.