About DevRev
At DevRev, we're building the future of work with
Computer your AI teammate. Unlike traditional tools,
Computer unifies all your data sources, tools, and workflows into a single AI-ready platform, giving employees real-time insights, proactive suggestions, and powerful agentic actions. It extends your existing software with AI-native apps and agents that work alongside your teams and customers updating workflows, coordinating across teams, and eliminating repetitive work. We call this Team Intelligence: human-AI collaboration that breaks down silos, brings people back together, and frees you to solve bigger problems. Backed by Khosla Ventures and Mayfield with $150M+ raised, DevRev is trusted by global companies across industries.
About The Role
We're a growing SaaS startup building our security team from the ground up. We're looking for a hands-on Product Security Engineer who enjoys breaking things (responsibly) and helping teams fix them fast.
This role is very practical and impact-driven. You'll be embedded close to the product and engineering teams, proactively attacking our own systems before anyone else does. If you like moving fast, owning problems end-to-end, and thinking like a real attacker, this role is for you.
What You'll Do
- Actively test our SaaS product for security vulnerabilities across web apps, APIs, and cloud infrastructure.
- Perform manual security testing and targeted penetration tests (beyond automated scanners).
- Implement and help implement automated security test suites.
- Identify abuse cases, business logic flaws, and real-world attack paths.
- Work directly with engineers to reproduce issues and drive fixes.
- Help introduce lightweight security practices into the development process (threat modeling, secure design reviews).
- Validate fixes and ensure issues are fully resolved.
- Stay current on new vulnerabilities, attack techniques, and SaaS-relevant threats.
What You'll Bring
- 5+ years of experience in application security, offensive security, or penetration testing.
- Strong understanding of web and API security (OWASP Top 10, auth, sessions, access control).
- Experience testing modern SaaS products.
- Comfort working in cloud environments (AWS / GCP / Azure at a practical level).
- Experience with common security testing tools (Burp Suite, Nuclei, etc.).
- Ability to communicate findings clearly and pragmatically to engineers.
- Self-starter mindset comfortable operating with limited process and high ownership.
Preferred, But Not Required
- Startup experience or early-stage product exposure.
- Bug bounty or responsible disclosure experience.
- Secure code review experience (any major language).
- Familiarity with CI/CD and modern SDLC security.
- Offensive security certifications (OSCP, GWAPT, etc.).
DevRev is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law. 
