Product Security Engineer, Clerk
+ Equity
Authentication and user management
Job no longer available
Authentication and user management
201-500 employees
Job no longer available
+ Equity
201-500 employees
Company mission
To solve user management once and for all.
Role
Who you are
- Proven experience in a software security, application security, or product security role with 7+ years (use this as a gauge, not a hard requirement) of hands-on experience
- Strong empathy with the ability to enable engineers to move quickly and securely, ideally having previously worked as a software engineer
- Expertise in proactive secure coding practices such as encryption, secrets management, and eliminating vulnerability classes (e.g. in the OWASP Top 10)
- Experience with reading and writing code in Go, TypeScript, or similar languages with the ability to dive into codebases, debug, and suggest fixes
- Experience with application security tooling (SAST/SCA/DAST/etc.) and building custom queries using Semgrep/CodeQL/etc
- Experience with authentication and authorization protocols such as OAuth, OpenID Connect, and SAML
- Familiarity with Supply-chain Levels for Software Artifacts (SLSA)
- Familiarity with Cloud infrastructure platforms, preferably GCP
What the job involves
- As a member of our security team, you will build secure-by-default, defense-in-depth, and least privilege mechanisms throughout our product lifecycle
- You will work closely with engineering teams on security best practices from design and architecture to implementation and monitoring
- You will have the opportunity to build from the ground up to experiment and innovate with modern software security practices
- Create paved roads for engineers to develop securely by default and build guardrails for when we veer off course
- Conduct regular architecture reviews and code audits to detect potential threats, risks, and vulnerabilities
- Harden our CI/CD pipelines and improve the integrity of Clerk’s software artifacts
- Contribute to and improve Clerk’s vulnerability management program including vulnerability disclosure, security scans, and penetration tests
- Provide guidance and training to teammates on security best practices and building resiliency into our systems
- Collaborate with our Infrastructure team to establish secure infrastructure-as-code modules and minimal base container images
- Document secure development policies and practices
Our take
Authentication is only part of the story when it comes to user management. Developers using API tools also face the complex UI and management issues of additional features like user sign-up, sign-in, and session management, to name a few. Clerk was founded to make this simpler, reducing hours of work to minutes using pre-built React components.
Clerk stands out in a market dominated by the likes of Auth0 and OneSpan with its focus on React rather than API. This taps into a growing number of developers working with Jamstack rather than trying to wrestle customers away from market incumbents - a smart move which has seen its userbase swell by five times, growing to over a million developers.
This rapid growth has attracted investors, and Clerk closed a Series B round in 2024. This funding is being used to expand the company's services into authorisation - determining a user's permissions as opposed to simply identifying them. As account security and management will continue to be a major focus for developers going forward, Clerk is well positioned to grow into a major player in this space, especially as it continues to expand its product range.
Steph
Company Specialist at Welcome to the Jungle
Company
Funding (last 2 of 7 rounds)
Oct 2025
$50m
SERIES C
Jan 2024
$30m
SERIES B
Total funding: $109m
Company benefits
- Competitive salary: We want you to know that we value the skills you bring to the table, so we go out of our way to make sure you’re fairly compensated.
- Equity ownership: At Clerk, we believe in shared success, which is why we offer a stock option plan that everyone stands to benefit from as we grow.
- Health coverage: We care about your well-being, so we offer top-tier health insurance to ensure your health needs are met. (US-based employees)
- Work equipment: We’ll make sure you have everything you need to set up your ideal home office with the gear of your choice.
- Flexible vacation policy: We're believers in work-life balance and trust you to take the time you need with our unlimited vacation policy.
- Remote and diverse team: We're committed to fostering an inclusive environment where you can do the best work of your life with a global, fully-remote team.
Company HQ
SoMa, San Francisco, CA
Leadership
Colin Sidoti
(Co-Founder)Prior to co-founding Clerk in 2019, Colin was an Independent Consultant for nearly 8 years. He also spent 1 year at We-Care.com as a Web Developer.
Braden Sidoti
(Co-Founder & CTO)Previously a Member of the South Park Commons. He was also an iOS Engineering Manager at Inspirato and an iOS Developer at hostess.fm and Fuzz Productions.
Share this job
View 3 more jobs at Clerk