Senior Web Security Engineer, Browser Platform jobs in United States
cer-icon
Apply on Employer Site
company-logo

DuckDuckGo · 3 weeks ago

Senior Web Security Engineer, Browser Platform

positionUnited States
timeFull-time
remoteHybrid
senioritySenior Level
money$178K/yr - $178K/yr
date7+ years exp

DuckDuckGo is an online protection company on a mission to raise the standard of trust online. As a Senior Web Security Engineer on the Browser Platform team, you will ensure the security capabilities keep pace with rapid product development, conduct security audits, and manage application security scanning infrastructure.

InternetPrivacySearch Engine
check
Growth Opportunities

Responsibilities

Conduct browser security audits (special pages, DuckAI integrations, password manager, etc.)
Execute on SERP security mitigations (XSS prevention, tooling development to help engineers write safer code)
Manage application security scanning infrastructure setup (aka SAST/DAST integrations in GitHub)
Deliver on Internal red-team operations (simulated attack scenarios)
Support security triage
Work on general security related projects

Qualification

Web application securityJavaScript programmingWebView technologyVulnerability exploitationSecurity testing toolsProcess improvementCollaboration skills

Required

7+ years of experience in web or application security (performing security assessments, vulnerability research, penetration testing, or secure code review)
Advanced programming or scripting experience with JavaScript. Any additional experience with our stack is a bonus: Swift/Kotlin/C#/JavaScript (native apps) or JavaScript/Perl/Go (search)
Experience with at least one WebView technology (WebKit, WebView2, Chromium WebView, etc.) and understanding of browser security models (SOP, CSP, CORS, SameSite cookies)
Hands-on experience identifying and exploiting web vulnerabilities (XSS, CSRF, injection attacks, authorization flaws, etc.)
Familiarity with security testing tools and frameworks
Experience partnering and collaborating with Product Engineers, advising on security matters and helping teams ship secure code faster
Experience shaping how an organisation thinks about security - driving best practices, improving processes, and raising the bar across teams

Benefits

Paid parental leave
Office setup
Co-working allowances

Company

DuckDuckGo

twittertwittertwitter
Glassdoor4.9
company-logo
Independent online protection company. Get our browser with protections built-in, including our search engine that doesn’t track you.
dateFounded in 2008
location
Paoli, Pennsylvania, USA
people-size51-200 employees
web-link
https://duckduckgo.com

Funding

Current Stage
Late Stage
Total Funding
$182.35M
Key Investors
Tiger Global ManagementOMERS VenturesUnion Square Ventures
2021-08-17Series D· $10.35M
2021-06-09Series C· $59M
2020-12-01Secondary Market· $100M

Leadership Team

leader-logo
Caine Tighe
CTO

Recent News

TechSpot
DuckDuckGo Browser allows private browsing by default
2026-01-09
Ubergizmo
DuckDuckGo Adds AI Image Generation To Its Privacy Platform
2025-12-25
Android Headlines
DuckDuckGo Launches Privacy-First AI Image Generator
2025-12-20
Company data provided by crunchbase