FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Security Software Engineer, Open Source Frameworks
VercelSecurity Software Engineer focusing on maintaining and securing open source frameworks at Vercel. Collaborating with the community to identify and fix vulnerabilities.
Posted 7/16/2026full-timeSan Francisco • California, New York • 🇺🇸 United StatesMid-LevelSenior💰 $208,000 - $312,000 per yearWebsite
Core Competencies
Role fitCore Competencies
Use this summary to align your resume positioning with the role.
Demonstrates expertise in vulnerability research and security engineering, with a strong focus on open source frameworks and proactive security measures. Proficient in JavaScript and TypeScript, with hands-on experience in security assessments and community engagement.
Highest-signal resume keywords
Vulnerability ResearchSecurity EngineeringJavaScript/TypeScript FundamentalsOpen Source ContributionStructured Security Assessment Methodology
ATS Keywords
Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills
Vulnerability AssessmentFramework Internals AnalysisPreventive Tooling DevelopmentRoot Cause AnalysisBug Bounty Program Management
Soft Skills
Clear CommunicationCommunity EngagementPragmatic Problem Solving
Tools & Technologies
TurborepoNuxtSvelte/SvelteKitSWRWorkflowNitro
Industry Keywords
Vulnerability DisclosureCVE ManagementSupply Chain SecurityOpen Source Security
Tech Stack
Tools & technologiesJavaScriptNuxtOpen SourceSvelteTypeScript
About the role
Key responsibilities & impact- Hunt for vulnerability classes, not individual bugs: Run deep security assessments of framework internals.
- Drive root-cause framework fixes.
- Own vulnerability disclosure and CVEs.
- Run the OSS bug bounty program for these projects.
- Get security into design early.
- Build preventive tooling.
- Own supply chain security for these projects.
- Work with the community, not around it.
Requirements
What you’ll need- You've actually used or broken these frameworks: You've built real things with Turborepo, Nuxt, Svelte/SvelteKit, SWR, Workflow, or Nitro (or closely comparable projects), or you've found and reported security issues in them.
- You have a deep appreciation and respect for open source work.
- 4+ years in security engineering, ideally with real hands-on open source contribution experience.
- You're energized by root cause, not remediation count.
- You can read framework internals, not just application code: Strong JavaScript/TypeScript fundamentals.
- Pragmatic, not theoretical.
- Vulnerability research chops: Experience with structured security assessment methodology.
- Clear communicator.
- Comfortable operating in public.
Benefits
Comp & perks- Competitive compensation package, including equity.
- Inclusive Healthcare Package.
- Learn and Grow - we provide mentorship and send you to events that help you build your network and skills.
- Flexible Time Off.
- We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.