Security Engineer, Product Security - San Francisco, United States - Grammarly

Description

Grammarly is excited to offer a remote-first hybrid working model. Team members work primarily remotely in the United States, Canada, Ukraine, Germany, or Poland. Certain roles have specific location requirements to facilitate collaboration at a particular Grammarly hub.

All roles have an in-person component: Conditions permitting, teams meet 2–4 weeks every quarter at one of Grammarly's hubs in San Francisco, Kyiv, New York, Vancouver, and Berlin, or in a workspace in Kraków. This flexible approach gives team members the best of both worlds: plenty of focus time along with in-person collaboration that fosters trust and unlocks creativity.

Grammarly team members in this role must be based in the United States or Canada, and they must be able to collaborate in person 2 weeks per quarter, traveling if necessary to the hub(s) where the team is based.

The opportunity

Grammarly is the world's leading AI writing assistance company trusted by over 30 million people and 70,000 professional teams every day. From instantly creating a first draft to perfecting every message, Grammarly's product offerings help people at 96% of the Fortune 500 get their point across—and get results. Grammarly has been profitable for over a decade because we've stayed true to our values and built an enterprise-grade product that's secure, reliable, and helps people do their best work—without selling their data. We're proud to be one of Inc.'s best workplaces, a Glassdoor Best Place to Work, one of TIME's 100 Most Influential Companies, and one of Fast Company's Most Innovative Companies in AI.

To achieve our ambitious goals, we're looking for a Security Engineer to join the Grammarly Product Security team. Our commitment to user trust is unwavering, and this new team member will play a crucial role in maintaining the trust of millions of users who rely on our products. With their expertise, we can drive security enhancements throughout the entire stack, from the UI to the back-end and underlying server infrastructure.

Grammarly's engineers and researchers can innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.

Your impact

As a Security Engineer in Product Security, you will:

• Partner with the product and engineering teams to integrate reproducible security practices into the product development lifecycle.
• Develop and implement security processes to identify, evaluate, and mitigate security risks in our AI product.
• Support our bug bounty security researcher community and maximize learning opportunities in our engineering processes.
• Conduct threat models, code reviews, pen testing, and offensive security exercises.
• Educate and mentor team members on best security practices.
• Keep up-to-date with the latest security systems, standards, authentication protocols, and product offerings.
• Represent Grammarly's security engineering team both within and outside of the company.

We're looking for someone who

• It embodies our EAGER values—ethical, adaptable, gritty, empathetic, and remarkable.
• Is inspired by our MOVE principles, which are the blueprint for how things get done at Grammarly: move fast and learn faster, obsess about creating customer value, value impact over activity, and embrace healthy disagreement rooted in trust.
• Can collaborate in person 2 weeks per quarter, traveling if necessary to the hub where the team is based.
• Has proven experience in security automation, DevSecOps, SRE, or a similar role.
• Has a strong understanding of cybersecurity threats, vulnerabilities, and mitigations.
• Is familiar with programming languages such as Python, Java, or Go.
• Is knowledgeable about cloud security best practices and technologies.
• Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
• Has strong communication skills and can explain complex security issues in understandable terms.
• Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.

Support for you, professionally and personally

• Professional growth: We believe that autonomy and trust are key to empowering our team members to do their best, most innovative work in a way that aligns with their interests, talents, and well-being. We support professional development and advancement with training, coaching, and regular feedback.
• A connected team: Grammarly builds a product that helps people connect, and we apply this mindset to our own team. Our remote-first hybrid model enables a highly collaborative culture supported by our EAGER (ethical, adaptable, gritty, empathetic, and remarkable) values. We work to foster belonging among team members in a variety of ways. This includes our employee resource groups, Grammarly Circles, which promote connection among those with shared identities, such as BIPOC and LGBTQIA+ team members, women, and parents. We also celebrate our colleagues and accomplishments with global, local, and team-specific programs.

Compensation and benefits

Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more:

• Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
• Disability and life insurance options
• 401(k) and RRSP matching
• Paid parental leave
• Twenty days of paid time off per year, eleven days of paid holidays per year, and unlimited sick days
• Home office stipends
• Caregiver and pet care stipends
• Wellness stipends
• Admission discounts
• Learning and development opportunities

Grammarly takes a market-based approach to compensation, which means base pay may vary depending on your location. Our US and Canada locations are categorized into compensation zones based on each geographic region's cost of labor index. For more information about our compensation zones and locations where we currently support employment, please refer to this page. If a location of interest is not listed, please speak with a recruiter for additional information.

Base pay may vary considerably depending on job-related knowledge, skills, and experience. The expected salary ranges for this position are outlined below by compensation zone and may be modified in the future.

United States:

Zone 1: $282,000 – $390,000/year (USD)

Zone 2: $250,000 – $350,000/year (USD)

We encourage you to apply.

At Grammarly, we value our differences and encourage all to apply. Grammarly is an equal-opportunity company. We do not discriminate based on race or ethnic origin, religion or belief, gender, disability, sexual identity, or age.

For more details about the personal data Grammarly collects during the recruitment process, for what purposes, and how you can address your rights, please see the Grammarly Data Privacy Notice for Candidates here.

#LI-PF1

#LI-Hybrid

All team members meeting in person for official Grammarly business or working from a hub location are strongly encouraged to be vaccinated against COVID-19.