Security Engineer, Application Security

Grammarly is excited to offer a remote-first hybrid working model, which combines the flexibility of working from home with the benefits of gathering in person. Team members can work primarily remotely in the United States, Canada, Ukraine, Germany, Poland, and Portugal. Conditions permitting, teams will meet in person a few times every quarter at one of Grammarly's hubs, currently in San Francisco, Kyiv, New York, Vancouver, and Berlin, or in a shared workspace in Krakow.

Grammarly team members who will be collaborating in Berlin must be based in Germany, Ukraine, Poland, or Portugal. 

The opportunity 

Grammarly empowers people to thrive and connect whenever and wherever they communicate. Every day, over 30 million people and 50,000 teams around the world rely on our AI-powered communication assistance technology. All of this begins with our team collaborating in a values-driven and learning-oriented environment.

User trust is at the heart of everything that we do. To achieve our ambitious goals, we’re looking for a Security Engineer, Application Security to join the Grammarly Security team. This person will have a substantial impact on maintaining the trust of the millions of users who rely on Grammarly product offerings every day. They will drive security improvements across the entire stack, from the UI, to the back-end, to the underlying server infrastructure. 

Grammarly’s security engineers have the freedom to develop practical solutions that, in turn, influence our security culture. The engineering landscape at Grammarly is complex, as we create innovative product offerings, expand to new platforms, and scale underlying cloud systems—all while strengthening and expanding our global team. Read more about our stack or hear from our team on our technical blog.

Your impact

As Security Engineer, Application Security, you will:

• Deep dive into our services and product offerings to review the security of the design and implementation of our applications.
• Perform black-box and white-box penetration testing of different product offerings and web services.
• Research and deploy the latest security assurance tools to identify and prevent security risks within CI/CD pipelines.
• Work with the product development teams, raising security awareness and offering expertise to keep our products protected against known and unknown vulnerabilities.
• Identify root cause findings from the external security community through our bug bounty program.
• Represent Grammarly’s security engineering team both within and outside of the company.

We’re looking for someone who

• Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable.
• Is able to collaborate in person 2 weeks per quarter, traveling if necessary to the hub where the team is based.
• Is a security practitioner with a proven record of security-focused technical contributions in application security, secure development, and penetration testing. 
• Builds strong relationships with peers across the company to evangelize a security culture.
• Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.
• Identifies impactful and practical solutions for security, from low-hanging fruit to long-term investments.

Support for you, professionally and personally

• Professional growth: We hire people we trust and give team members autonomy to do their best work. We also support professional development with training, coaching, and regular feedback.
• A connected team: Grammarly builds a product that helps people connect, and we apply this mindset to our own team. We have a highly collaborative culture supported by our EAGER values. We also take time to celebrate our colleagues and accomplishments with global, local, and team-specific events and programs.
• Comprehensive benefits: Grammarly offers all team members competitive pay along with a benefits package encompassing superior health care (including mental health benefits). We also offer support to set up a home office, ample and defined time off, gym and recreation stipends, and more.

We encourage you to apply

At Grammarly, we value our differences, and we encourage all to apply. Grammarly is an equal opportunity company. We do not discriminate on the basis of race or ethnic origin, religion or belief, gender, disability, sexual identity, or age.

For more details about the personal data Grammarly collects during the recruitment process, for what purposes, and how you can address your rights, please see the Grammarly Data Privacy Notice for Candidates here. 

#DE

Please note that Grammarly’s COVID-19 vaccination policy requires that all team members in North America be vaccinated against COVID-19 to meet in person for Grammarly business or to work from a North America hub location. It is expected that this will be a requirement for this role. Qualified candidates in North America who cannot be vaccinated for medical reasons or because of a sincerely held religious belief may request a reasonable accommodation to this policy. For Europe, this policy requires team members to be vaccinated or produce a daily negative COVID-19 test administered on-site to work from the hub or attend in-person meetings.

#LI-Hybrid