About DevRev

At DevRev, we're building the future of work with Computer – your AI teammate. Unlike traditional tools, Computer unifies all your data sources, tools, and workflows into a single AI-ready platform, giving employees real-time insights, proactive suggestions, and powerful agentic actions. It extends your existing software with AI-native apps and agents that work alongside your teams and customers – updating workflows, coordinating across teams, and eliminating repetitive work. We call this Team Intelligence: human-AI collaboration that breaks down silos, brings people back together, and frees you to solve bigger problems. Backed by Khosla Ventures and Mayfield with $150M+ raised, DevRev is trusted by global companies across industries.

About the Role:

We’re a growing SaaS startup building our security team from the ground up. We’re looking for a hands-on Product Security Engineer who enjoys breaking things (responsibly) and helping teams fix them fast.

This role is very practical and impact-driven. You’ll be embedded close to the product and engineering teams, proactively attacking our own systems before anyone else does. If you like moving fast, owning problems end-to-end, and thinking like a real attacker, this role is for you.

What You'll Do:

• Actively test our SaaS product for security vulnerabilities across web apps, APIs, and cloud infrastructure.
• Perform manual security testing and targeted penetration tests (beyond automated scanners).
• Implement and help implement automated security test suites.
• Identify abuse cases, business logic flaws, and real-world attack paths.
• Work directly with engineers to reproduce issues and drive fixes.
• Help introduce lightweight security practices into the development process (threat modeling, secure design reviews).
• Validate fixes and ensure issues are fully resolved.
• Stay current on new vulnerabilities, attack techniques, and SaaS-relevant threats.

What You'll Bring:

• 5+ years of experience in application security, offensive security, or penetration testing.
• Strong understanding of web and API security (OWASP Top 10, auth, sessions, access control).
•  Experience testing modern SaaS products.
• Comfort working in cloud environments (AWS / GCP / Azure at a practical level).
• Experience with common security testing tools (Burp Suite, Nuclei, etc.).
• Ability to communicate findings clearly and pragmatically to engineers.
• Self-starter mindset — comfortable operating with limited process and high ownership.

Preferred, but not required:

• Startup experience or early-stage product exposure.
• Bug bounty or responsible disclosure experience.
• Secure code review experience (any major language).
• Familiarity with CI/CD and modern SDLC security.
• Offensive security certifications (OSCP, GWAPT, etc.).

DevRev is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law.