Senior Security Engineer
Remote
Full Time
#Engineering
#JavaScript
#Architecture
#Security
#XSS
#CSRF
#OAuth
#SAML
#CSP
We are looking for a dedicated Senior Security Engineer based in Latin America to join our team. Rocket.Chat is the world's largest open-source communications platform, serving tens of millions of users across 150 countries. Organizations like the U.S. Navy, Deutsche Bahn, and Credit Suisse rely on our platform to maintain data ownership and secure collaboration. As we continue our mission to make Rocket.Chat the most secure enterprise communication platform available, you will play a vital role in protecting our infrastructure, applications, and data from evolving cyber threats.
Key outcomes
- Design and manage a comprehensive vulnerability program to identify and assess system weaknesses.
- Perform regular penetration tests, security assessments, and vulnerability scans to maintain a strong security posture.
- Lead threat modeling exercises, code reviews, and application security assessments throughout the software development lifecycle.
- Collaborate with cross-functional teams to prioritize and resolve security vulnerabilities.
- Establish and enforce secure coding standards while educating development teams on best practices.
- Manage communications regarding security findings with external researchers and bug bounty participants.
- Consult with product managers and developers to propose secure architectures and methods.
Requirements
- Professional fluency in English.
- Strong understanding of secure architecture within JavaScript web applications.
- Expertise in identifying and patching web-based vulnerabilities, including XSS, CSRF, SSRF, and authentication flaws, in accordance with the OWASP Top 10.
- Proficiency with authentication technologies such as SAML, OAuth, and OTP/TOTP.
- Experience with browser-based security controls like CSP, HSTS, and XFO.
- Ability to identify and replace outdated or vulnerable code libraries.
- Excellent communication, critical thinking, and collaboration skills.
Preferred qualifications
- Prior experience working with the Meteor framework.
Compensation
We provide a range of benefits designed to support a productive and enjoyable remote work experience. These include stock options, a flexible schedule, and unlimited paid time off. You will also have access to language and tech courses while working in a multicultural environment alongside colleagues located in over 26 countries.
How to apply
If you are passionate about security and want to help us reconnect the world through private and secure communication, we invite you to apply to join our team. Please reach out to us to start the conversation about your potential role as a Rocketeer.
Rocket.Chat
0 views
Company Size
101-250
Markets



