Jobs / Ver***
Senior Security Software Engineer, v0
Ver*** · Berlin, NY, United States
Visa sponsorship details are locked. Unlock company name and apply link with .
Berlin, NY, United States208,000-312,000 USD/yearlyRemote
Remuneration
208,000-312,000 USD/yearly
Location
Berlin, NY, United States
Visa sponsorship
Sponsors visa
Job summary
Security & IT Berlin, London, New York City, San Francisco Full Time About Ver***: Ver*** is the agentic infrastructure company. We free people and agents to ship what’s next. For more than a decade, Ver*** has shaped how the web is built.
Benefits
Competitive compensation package, including equity.Inclusive Healthcare Package.Learn and Grow - we provide mentorship and send you to events that help you builEquity-based compensation, and eligibility for a company bonus or variable pay pYour recruiter can share more details during the hiring process.Vercel is committed to fostering and empowering an inclusive community within ouVercel encourages everyone to apply for our available positions, even if they do
Qualifications
- As the team behind Next.js, v0, and AI SDK, we create products that help builders move from idea to production with speed, security, and exceptional developer experience.
Responsibilities
- You'll spend real time being a great generalist engineer: building features, fixing bugs, shipping to production alongside the rest of the team.
- Find and fix issues yourself: Proactively hunt for vulnerabilities across v0, from code you're reviewing to systems you're actively poking at, and ship the fix, not just the finding.
- Review all new v0 features and launches: Be the security reviewer of record for everything the team ships (new capabilities, generated-app patterns, integrations) before it goes out the door.
- Own the HackerOne relationship for v0: Triage, validate, and drive fixes for reports from Ver***'s HackerOne researcher community that touch v0, and work directly with researchers on reproduction and remediation.
- Harden code execution boundaries: Work directly on how agent-generated code is scoped, sandboxed, and constrained before it touches real infrastructure, including Ver***'s own sandbox and serverless runtimes.
- Respond to v0-specific security reports and incidents: Be the first responder and technical owner when a security issue is reported against v0 specifically.
- Think like an attacker, and like an agent: Reason about how a user, or an agent acting on that user's behalf, could misuse v0 to attack itself, other tenants, or the platform underneath it.
- About you
- You're a software engineer first: 5+ years building and shipping production web applications, at a level where you operate independently (IC4/Senior).
- You can pick up a normal feature ticket and ship it end to end, this is not a pure audit/review role.
- Strong full-stack fundamentals: Comfortable in TypeScript, React, and Node, and able to work in the same codebase, PR flow, and velocity as the rest of the v0 team.
- You influence through code, not just process: You'd rather fix the root cause in a PR than write a policy doc about it.
Certifications
OSCPOSWE
Degrees
Associate
Work schedule
RotationShift
Industry
DefenseEnergyHealthcareMedia