Product Security Engineer

Supabase

Completely RemoteFull TimeEngineering & Architecture
Posted 1 months ago

This role is no longer accepting applications.

Browse live jobs

Job description

Responsibilities

  • Identify and close gaps across application security, secure design review, and vulnerability management
  • Conduct threat modeling, secure design reviews, and code reviews to identify practical remediation paths
  • Partner with engineering teams to provide product-focused security expertise and shape a modern security program
  • Improve security posture through scalable mechanisms like tooling, automation, and developer-friendly guardrails
  • Support security incident response by helping triage, investigate, and coordinate remediation for product and platform issues
  • Manage and mature bug bounty and vulnerability disclosure processes, including triage and validation

Requirements

  • Strong experience in product security, application security, or security engineering
  • Deep understanding of application security fundamentals, including auth, session management, APIs, and secrets handling
  • Experience with cloud-native, developer tools, SaaS, platform, or infrastructure products
  • Experience with vulnerability triage, bug bounty programs, or security incident response
  • Ability to communicate clearly in a written, asynchronous environment
  • Comfort participating in a security on-call rotation

Preferred Qualifications

  • Experience with Postgres or Kubernetes
  • Experience building security guardrails that enable rather than enforce developer velocity

Benefits

  • Fully remote work with a WeWork membership or co-working allowance
  • Equity ownership (ESOP) for every team member
  • Tech allowance for your ideal work environment
  • 100% covered health insurance for employees and 80% for dependents
  • Annual company-wide off-sites
  • Flexible work and asynchronous operations
  • Annual professional development and education allowance

About the Company

Supabase is a remote-first, open-source company building tools that developers love. With a globally distributed team of over 280 members across 55+ countries, we move fast, build in public, and support the open-source ecosystem.

Skills & tools

Application SecurityPostgreSQLKubernetes

What the team is looking for

Use this list as a quick fit check before you apply.

  1. 01experience in product or application security
  2. 02knowledge of cloud-native and SaaS products
  3. 03understanding of auth, session management, and APIs
  4. 04experience with vulnerability triage or bug bounty programs
  5. 05experience with Postgres or Kubernetes
ScoutJobsAd

Wake up to a shortlist, not a search results page.

ScoutJobs scores every new listing against your CV, salary floor and visa. A handful of real matches by morning.

Get your daily matches
Applications closed