Security Automation Engineer

Job Description

Vercel is seeking a Security Automation Engineer to enhance its security team. This hybrid role, based in San Francisco, involves building internal security tools, automating secure design reviews, and integrating security guidance into pull requests. The engineer will empower both security and development teams by streamlining the security review process and embedding best practices into the Software Development Lifecycle (SDLC).

What This Role Involves:

• Developing and maintaining security automation tooling.
• Automating secure design reviews and integrating security checks into CI/CD pipelines.
• Building and managing security operations automation, including data pipelines and SOAR workflows.
• Collaborating with development and security teams.
• Refining automation strategies to optimize security effectiveness.
• Supporting vulnerability management efforts.

Requirements:

• Experience building automation tooling for security or developer efficiency.
• Proficiency in at least one scripting language (Python, JavaScript, or Bash) and familiarity with a compiled language (Go, Rust, or Java).
• Experience with GitHub automation and API integrations.
• Strong understanding of CI/CD pipelines and security integration.
• Knowledge of infrastructure-as-code security best practices.
• Ability to collaborate effectively across teams.

Vercel Offers:

• Competitive compensation package, including equity.
• Inclusive Healthcare Package.
• Flexible Time Off.