Security Engineer, Product Security (Native Applications)

Grammarly is excited to offer a remote-first hybrid working model. Grammarly team members in this role must be based in the United States or Canada; depending on business needs, they must meet in person for collaboration weeks, traveling if necessary to the hub(s) where their team is based.

This flexible approach gives team members the best of both worlds: plenty of focus time along with in-person collaboration that fosters trust and unlocks creativity.

About Grammarly

Grammarly is the world’s leading AI writing assistance company trusted by over 30 million people and 70,000 teams. From instantly creating a first draft to perfecting every message, Grammarly helps people at 96% of the Fortune 500 and teams at companies like Atlassian, Databricks, and Zoom get their point across—and get results—with best-in-class security practices that keep data private and protected. Founded in 2009, Grammarly is No. 14 on the Forbes Cloud 100, one of TIME’s 100 Most Influential Companies, one of Fast Company’s Most Innovative Companies in AI, and one of Inc.’s Best Workplaces.

The Opportunity

To achieve our ambitious goals, we’re looking for a Security Engineer focused on native application security join the Product Security team within our Trust & Enterprise organization. Our commitment to user trust is unwavering, and this new team member will play a crucial role in maintaining the trust of millions of users who rely on our products. With their expertise, we can drive security enhancements throughout our portfolio of native applications (macOS, Windows, iOS, and Android).

Grammarly’s engineers and researchers have the freedom to innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.

As a Security Engineer in Product Security focused on native applications, you will:

• Drive the security posture for our native applications.
• Partner with the product and engineering teams to integrate reproducible security practices into the product development lifecycle.
• Develop and implement security processes to identify, evaluate, and mitigate security risks in our native AI products.
• Conduct threat models, code reviews, pen testing, and offensive security exercises, focusing on native applications.
• Build solutions to technical security problems, fully working as an engineer and not merely an analyst.
• Support our bug bounty security researcher community and maximize learning opportunities in our engineering processes.
• Educate and mentor team members on security best practices.
• Keep up-to-date with the latest security systems, standards, authentication protocols, and product offerings.
• Represent Grammarly’s security engineering team both within and outside of the company.

Qualifications

• Has 6+ years of relevant experience in the security engineering space. 
• Has strong experience in native app security for at least one of our platforms (Android, iOS, macOS, Windows) and an interest in growing skills for the remainder. 
• Is familiar with programming languages such as C#/.Net, Swift, and Kotlin.
• Has a strong understanding of cybersecurity threats, vulnerabilities, and mitigations, particularly how they interact with native applications.
• Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
• Has strong communication skills and can explain complex security issues in understandable terms.
• Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.
• Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable.
• Is inspired by our MOVE principles: move fast and learn faster; obsess about creating customer value; value impact over activity; and embrace healthy disagreement rooted in trust.
• Is able to meet in person for their team’s scheduled collaboration weeks, traveling if necessary to the hub where their team is based.

Compensation and Benefits

Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more: 

• Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
• Disability and life insurance options
• 401(k) and RRSP matching 
• Paid parental leave
• 20 days of paid time off per year, 12 days of paid holidays per year, two floating holidays per year, and unlimited sick days 
• Generous stipends (including those for caregiving, pet care, wellness, your home office, and more)
• Annual professional development budget and opportunities

Grammarly takes a market-based approach to compensation, which means base pay may vary depending on your location. Our US locations are categorized into two compensation zones based on proximity to our hub locations.

Base pay may vary considerably depending on job-related knowledge, skills, and experience. The expected salary ranges for this position are outlined below by compensation zone and may be modified in the future.

United States: 

Zone 1: $280,000 – $350,000/year (USD)

Zone 2: $250,000 – $320,000/year (USD)

Canada:

Zone 1: $220,000 – $280,000/year (CAN)

For more information about our compensation zones and locations where we currently support employment, please refer to this page. If a location of interest is not listed, please speak with a recruiter for additional information. 

We encourage you to apply

At Grammarly, we value our differences, and we encourage all to apply—especially those whose identities are traditionally underrepresented in tech organizations. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, ancestry, national origin, citizenship, age, marital status, veteran status, disability status, political belief, or any other characteristic protected by law. Grammarly is an equal opportunity employer and a participant in the US federal E-Verify program (US). We also abide by the Employment Equity Act (Canada).

#LI-PM1