Product Security - Senior Security Engineer / SDE at Auth0
United States of America

Auth0 provides a secure, highly available, enterprise-grade platform that secures billions of log-ins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Auth0 has raised over $54 million from Meritech Capital, NTT DoCoMo, Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs.


Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security.


We are looking for a Senior Product Security Engineer to join us in keeping Auth0 and our customers data safe. Our engineering team builds web apps, mobile apps, and APIs, and we have customers in just about every industry. This creates many interesting use cases that we need to support while maintaining security.


The individual filling this role will work closely with our product teams, and should feel comfortable auditing services and shipping bug fixes into production. This is an exciting time to join Auth0 as we are growing quickly and this role is an opportunity to drive the expansion of our Product Security team.


*To be considered, please apply using your most-updated CV or resume. Cover letter preferred, but not required.


Provide engineering leadership to a team of Product Security Engineers and all of our product engineering crews

Own the most sensitive components components of our authentication architecture


Significant experience working as an application developer in the identity space

Significant experience open identity standards such as SAML, OAuth2, OpenID Connect

Deep Knowledge of common security flaws and resolution as published by OWASP, SANS, etc.

Significant experience securing modern web applications

Development experience with a programming or scripting knowledge

Extra points:

FIDO/U2F knowledge

AD/ADFS and other common identity services

Development experience with Node.js / Javascript