Job Details

About the Role

As Comet continues to grow as a stand-alone product and codebase, we are seeking a Browser Security Engineer to lead and own browser-specific security initiatives, including custom Chromium development, extension security, and cross-device features.

• Browser/Chromium Security:Browser security encompasses threats and vulnerabilities (e.g., XSS and Same-Origin Policy issues).

• Custom Engineering:The Comet product features substantial custom work, including our Chromium fork, browser extensions, and secure sync features between devices.

• Proactive Partnership:As Comet's complexity grows, a dedicated security engineer embedded with the product team will enable us to proactively identify and address concerns—well before red-teaming or external audits.

What You'll Do

• Lead threat modeling and security architecture reviews for all Comet browser surfaces.

• Collaborate closely with product and engineering teams to proactively identify and mitigate browser vulnerabilities, especially issues specific to custom Chrome engineering and browser extension architecture.

• Develop security best practices, tooling, and documentation for engineers building browser-facing features.

• Serve as the security expert for topics such as Same-Origin Policy (SOP), XSS, sandboxing, browser extension permissions, and secure inter-device communication.

• Triage and resolve vulnerabilities found by external researchers (e.g., bug bounty, red-teaming partners) and the Chromium community.

• Build strong relationships with security partners and leverage their feedback for continuous improvement.

• Stay up to date on emerging browser security threats, tools, and industry trends.

What We're Looking For

• Prior experience in browser, application, or product security (ideally with Chrome/Chromium or other browser engine experience).

• Deep knowledge of modern browser architectures; understanding of XSS, CSP, sandboxing, extension security, and WebView-specific threats.

• Experience with security reviews and threat modeling for web, mobile, and extension platforms.

• Ability to work cross-functionally with engineers, product leads, and external security researchers.

Nice to Have

• Contributions to open-source browser projects, security research, or participation in bug bounty programs.

• Experience with web and mobile threat modeling.

• Familiarity with secure sync and cross-device communication mechanisms.

• Track record of proactive security work embedded within product teams.

Why Join Us?

• Shape security strategy for a next-generation browser product.

• Work on challenging problems at the intersection of custom Chromium engineering, browser extensions, and mobile security.

• Collaborate with top engineers in an environment that prioritizes security and product excellence.

The cash compensation range for this role is $250,000 - $350,000.

Final offer amounts are determined by multiple factors, including, experience and expertise, and may vary from the amounts listed above.
Equity: In addition to the base salary, equitymay be partof the total compensation package.
Benefits: Comprehensive health, dental, and vision insurance for you and your dependents. Includes a 401(k) plan.