<div class="content-intro"><p><span style="font-size: 12pt;"><strong>About DevRev</strong></span></p>
<p>At DevRev, we're building the future of work with <em>Computer</em> – your AI teammate. Unlike traditional tools, <em>Computer</em> unifies all your data sources, tools, and workflows into a single AI-ready platform, giving employees real-time insights, proactive suggestions, and powerful agentic actions. It extends your existing software with AI-native apps and agents that work alongside your teams and customers – updating workflows, coordinating across teams, and eliminating repetitive work. We call this Team Intelligence: human-AI collaboration that breaks down silos, brings people back together, and frees you to solve bigger problems. Backed by Khosla Ventures and Mayfield with $150M+ raised, DevRev is trusted by global companies across industries.</p></div><h3><strong>About the Role:</strong></h3>
<p>We’re a growing SaaS startup building our security team from the ground up. We’re looking for a hands-on Product Security Engineer who enjoys breaking things (responsibly) and helping teams fix them fast.</p>
<p>This role is very practical and impact-driven. You’ll be embedded close to the product and engineering teams, proactively attacking our own systems before anyone else does. If you like moving fast, owning problems end-to-end, and thinking like a real attacker, this role is for you.</p>
<h3><strong>What You'll Do:</strong></h3>
<ul>
<li>Actively test our SaaS product for security vulnerabilities across web apps, APIs, and cloud infrastructure.</li>
<li>Perform manual security testing and targeted penetration tests (beyond automated scanners).</li>
<li>Implement and help implement automated security test suites.</li>
<li>Identify abuse cases, business logic flaws, and real-world attack paths.</li>
<li>Work directly with engineers to reproduce issues and drive fixes.</li>
<li>Help introduce lightweight security practices into the development process (threat modeling, secure design reviews).</li>
<li>Validate fixes and ensure issues are fully resolved.</li>
<li>Stay current on new vulnerabilities, attack techniques, and SaaS-relevant threats.</li>
</ul>
<h3><strong>What You'll Bring:<br></strong></h3>
<ul>
<li>5+ years of experience in application security, offensive security, or penetration testing.</li>
<li>Strong understanding of web and API security (OWASP Top 10, auth, sessions, access control).</li>
<li> Experience testing modern SaaS products.</li>
<li>Comfort working in cloud environments (AWS / GCP / Azure at a practical level).</li>
<li>Experience with common security testing tools (Burp Suite, Nuclei, etc.).</li>
<li>Ability to communicate findings clearly and pragmatically to engineers.</li>
<li>Self-starter mindset — comfortable operating with limited process and high ownership.</li>
</ul>
<h3><strong>Preferred, but not required:</strong></h3>
<ul>
<li>Startup experience or early-stage product exposure.</li>
<li>Bug bounty or responsible disclosure experience.</li>
<li>Secure code review experience (any major language).</li>
<li>Familiarity with CI/CD and modern SDLC security.</li>
<li>Offensive security certifications (OSCP, GWAPT, etc.).</li>
</ul>
<p> </p>
<p> </p><div class="content-conclusion"><p><em>DevRev is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law.</em></p></div>
